Classmates 1.1.1 Cross Site Scripting

Product: CLASSMATES Vendor: http://www.got.my http://www.got.my/CLASSMATES/ Vulnerable Version: 1.1.1 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...

CVE-2008-3563

Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the checked array parameter to plog-download.php in an album action and 2 unspecified parameters to plog-remote.php, and 3 allow remote authenticated administrators to...