VYPR

Flashlight Free Edition

by Ringsworld

CVEs (2)

  • CVE-2009-4205Dec 4, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.

  • CVE-2009-4204Dec 4, 2009
    risk 0.03cvss epss 0.00

    SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.