Gcards@* Security Vulnerabilities and Issues — Gcards@* CVE List

Lucene search

Greg NeustaetterGcards*

4 matches found

CVE•added 2006/03/22 1:2 a.m.•42 views

CVE-2006-1347

SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5CVSS8.3AI score0.01358EPSS

CVE•added 2006/03/22 1:2 a.m.•42 views

CVE-2006-1348

Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.

4.3CVSS5.6AI score0.08595EPSS

CVE•added 2006/03/22 1:2 a.m.•40 views

CVE-2006-1346

Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log ...

6.4CVSS7.1AI score0.08595EPSS

CVE•added 2007/06/01 1:30 a.m.•38 views

CVE-2007-2971

SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.

7.5CVSS8.4AI score0.02588EPSS