Postecards Security Vulnerabilities and Issues — Postecards CVE List

Lucene search

DazzlindonnaPostecards

2 matches found

CVE•added 2008/12/15 6:0 p.m.•38 views

CVE-2008-5559

SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5CVSS8.4AI score0.00195EPSS

CVE•added 2008/12/15 6:0 p.m.•34 views

CVE-2008-5560

PostEcards stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for postcards.mdb.

5CVSS6.3AI score0.02888EPSS