VYPR
Vendor

PHP Gift Registry

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2012-2236Apr 20, 2012
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action.

  • CVE-2005-0292Jan 17, 2005
    risk 0.00cvss epss 0.02

    Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters.

  • CVE-2004-2484Dec 31, 2004
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.