Opial Security Vulnerabilities and Issues — Opial CVE List

Lucene search

OpialOpial

4 matches found

cve•added 2009/10/22 5:30 p.m.•45 views

CVE-2009-3753

Unrestricted file upload vulnerability in Opial 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension as a User Image, then accessing it via a request to the file in userimages, related to register.php.

7.5CVSS7.7AI score0.03791EPSS

cve•added 2009/07/07 7:30 p.m.•32 views

CVE-2009-2340

SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtUserName (aka User Name) parameter. NOTE: some of these details are obtained from third party information.

7.5CVSS8.7AI score0.00364EPSS

cve•added 2009/10/22 5:30 p.m.•32 views

CVE-2009-3752

SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter.

7.5CVSS8.4AI score0.00405EPSS

cve•added 2009/10/22 5:30 p.m.•31 views

CVE-2009-3751

Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 allows remote attackers to inject arbitrary web script or HTML via the genres_parent parameter.

4.3CVSS5.7AI score0.00959EPSS