2 matches found
CVE-2009-1909
CVE-2009-1909 affects SKIP from SKIP User Group; versions 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC contain a SQL injection vulnerability that allows remote execution of arbitrary SQL via unspecified vectors. Root cause is improper input handling in SKIP’s SQL paths. Impact includes potenti...
CVE-2009-1908
CVE-2009-1908 is a cross-site scripting (XSS) vulnerability in SKIP up to version 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC. The vulnerability page confirms that an arbitrary script could be injected and executed in affected SKIP web interfaces. The JVN entries (JVNDB-2009-000025 and JVN432...