5 matches found
CVE-2007-6310
Multiple cross-site scripting XSS vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attackers to inject arbitrary web script or HTML via the handler parameter to 1 index.php and possibly 2 admin/index.php, and 3 the topic parameter to modules/feed/feed.php aka modules/feed.php...
Sql injection
SQL injection vulnerability in 1 index.php, and possibly 2 admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the navID parameter...
CVE-2007-6311
SQL injection vulnerability in 1 index.php, and possibly 2 admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the navID parameter...
CVE-2007-6311
The CVE-2007-6311 entry describes an SQL injection in Falt4Extreme RC4 (version around 10.9.2007) exploitable via the nav_ID parameter in index.php (and possibly admin/index.php). The vulnerability allows remote attackers to execute arbitrary SQL commands and may impact data confidentiality, inte...
CVE-2007-6310
CVE-2007-6310 describes multiple cross-site scripting (XSS) vulnerabilities in the product Falt4Extreme RC4 10.9.2007 . The affected vectors are the handler parameter to (1) index.php, potentially (2) admin/index.php, and the topic parameter to modules/feed/feed.php (aka modules/feed.php). The ro...