2 matches found
CVE-2008-2446
CVE-2008-2446 affects Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier. Multiple SQL injection vulnerabilities allow arbitrary SQL execution via parameters in several actions: (1) userid in profile.php (show moreinfo), (2) bildid in picturegallery.php (shownext), (3) id in fil...
CVE-2008-2445
The CVE-2008-2445 issue is a Cross-Site Scripting (XSS) vulnerability in Web Group Communication Center (WGCC) profile.php, affecting version 1.0.3 PreRelease 1 and earlier. The vulnerability is triggered via the userid parameter in a show action, allowing remote attackers to inject arbitrary web...