VYPR

Buzzywall

by Buzzywall

CVEs (2)

  • CVE-2008-6029Feb 3, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter.

  • CVE-2008-4759Oct 28, 2008
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id parameter.