2 matches found
CVE-2008-1553
Directory traversal vulnerability in mod.php of TopperMod 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the to parameter. CVSS2 base score 6.8 (MEDIUM); attack vector NETWORK, no authentication, no user interaction required; impacts partial confide...
CVE-2008-1554
CVE-2008-1554 refers to a SQL injection vulnerability in the TopperMod 2.0 package, specifically in account/index.php . The issue arises when magic_quotes_gpc is disabled and allows remote attackers to inject arbitrary SQL through the localita parameter by using a non-alphanumeric first character...