VYPR

Akocomment

by Arthur Konze Webdesign

CVEs (3)

  • CVE-2007-3573Jul 5, 2007
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in akocomment allow remote attackers to execute arbitrary SQL commands via the (1) acparentid or (2) acitemid parameter to an unspecified component, different vectors than CVE-2006-1421.

  • CVE-2006-4281Aug 21, 2006
    risk 0.00cvss epss 0.02

    PHP remote file inclusion vulnerability in akocomments.php in AkoComment 1.1 module (com_akocomment) for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

  • CVE-2006-1421Mar 28, 2006
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in akocomment.php in AkoComment 2.0 module for Mambo, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) acname or (2) contentid parameter.