2 matches found
CVE-2010-2855
CVE-2010-2855 affects Event Horizon (EVH) 1.1.10 via the vulnerable script modfile.php, enabling SQL injection when magic_quotes_gpc is disabled. The vulnerability allows remote attackers to inject arbitrary SQL through the YourEmail and VerificationNumber parameters, potentially leading to data ...
CVE-2010-2854
Event Horizon EVH 1.1.10 modfile.php is affected by XSS and SQL injection vulnerabilities when magic_quotes_gpc is disabled. The issues allow remote attackers to inject arbitrary web script or HTML via the YourEmail and VerificationNumber parameters, reportedly caused by improper handling within ...