VYPR
Vendor

SMA DB

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2009-1452Apr 28, 2009
    risk 0.03cvss epss 0.02

    Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.

  • CVE-2009-1451Apr 28, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.