SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter.
8.4AI Score
0.004EPSS
SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.
8.4AI Score
0.003EPSS
Directory traversal vulnerability in admin/index.php in Article Friendly, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
6.8AI Score
0.007EPSS