3 matches found
CVE-2006-4503
Directory traversal vulnerability in link.php in NX5Linx 1.0 allows remote attackers to read arbitrary files via the logo parameter.
CVE-2006-4504
SQL injection vulnerability in NX5Linx 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) c and (2) l parameters.
CVE-2006-4505
CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter.