Vendor

Gregarius

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2008-3374	0.03	—	0.01	Jul 30, 2008	SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
CVE-2006-1041	0.00	—	0.01	Mar 7, 2006	Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
CVE-2006-1042	0.00	—	0.01	Mar 7, 2006	Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.

CVE-2008-3374Jul 30, 2008
risk 0.03cvss —epss 0.01
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
CVE-2006-1041Mar 7, 2006
risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
CVE-2006-1042Mar 7, 2006
risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.