2 matches found
CVE-2005-4038
CVE-2005-4038: A SQL injection flaw exists in Web4Future Portal Solutions News Portal’s comentarii.php, exploitable via the idp parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Documents confirm the affected product and parameter but do not provide exploitat...
CVE-2005-4039
CVE-2005-4039 affects the Web4Future Portal Solutions News Portal. A directory traversal flaw in arhiva.php allows remote attackers to read arbitrary files through the dir parameter. The NVD entry lists a base score of 7.8 (HIGH) with network access and low attack complexity. The connected source...