4 matches found
CVE-2012-6520
Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the 1 selectsort or 2 optsearchselect parameters. NOTE: this issue could not be reproduced by third parties...
Sql injection
Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the 1 selectsort or 2 optsearchselect parameters. NOTE: this issue could not be reproduced by third parties...
CVE-2012-2099
CVE-2012-2099 concerns Wikidforum 2.10 with multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary web script or HTML via the advanced search interface: (1) search field, (2) Author, or (3) select_sort parameters. The NVD entry lists a Medium se...
Wikidforum 2.10 Cross Site Scripting / SQL Injection
Advisory: Wikidforum 2.10 Multiple security vulnerabilities Advisory ID: SSCHADV2012-005 Author: Stefan Schurtz Affected Software: Successfully tested on Wikidforum 2.10 Vendor URL: http://www.wikidforum.com/ Vendor Status: informed ========================== Vulnerability Description...