Lucene search
BokaSiteengine
2 matches found
CVE-2008-7267
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
7.5CVSS8.7AI score0.01385EPSS
CVE-2010-4357
SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter.
7.5CVSS8.7AI score0.00107EPSS