VYPR

Easye Cards

by Myiosoft

CVEs (2)

  • CVE-2008-3345Jul 28, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.

  • CVE-2008-3344Jul 28, 2008
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5)…