2 matches found
CVE-2006-2243
The vulnerability CVE-2006-2243 affects Web4Future News Portal and involves stored/reflected XSS by manipulating the ID parameter in two pages, comentarii.php and view.php. The root cause is insufficient input validation that allows arbitrary script/HTML injection, enabling remote attackers to ex...
CVE-2006-2244
The CVE-2006-2244 entry concerns the Web4Future News Portal with multiple SQL injection flaws reachable via the ID parameter in two scripts (comentarii.php and view.php). The root cause is unsafely constructed SQL queries that allow remote attackers to alter the database, with impact described as...