Sign in Subscribe

← All vendors

Vendor

Nicholas Berry

Products

1

CVEs

2

Across products

2

Status

Private

Products

1

Candid
2 CVEs

Recent CVEs

2

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2010-4979	Nicholas Berry Candid		0.03	—	0.01		Nov 1, 2011	SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
CVE-2010-4978	Nicholas Berry Candid		0.03	—	0.03		Nov 1, 2011	Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.

CVE-2010-4979Nov 1, 2011
Nicholas Berry
Candid
risk 0.03cvss —epss 0.01
SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
CVE-2010-4978Nov 1, 2011
Nicholas Berry
Candid
risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.