Webmastersite
Products
2- 4 CVEs
- 1 CVE
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-1060 | 0.03 | — | 0.01 | Feb 23, 2011 | SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | ||
| CVE-2010-0672 | 0.03 | — | 0.00 | Feb 22, 2010 | SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | ||
| CVE-2009-0704 | 0.03 | — | 0.00 | Feb 23, 2009 | SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action. | ||
| CVE-2011-3820 | 0.00 | — | 0.00 | Sep 24, 2011 | WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files. | ||
| CVE-2011-1061 | 0.00 | — | 0.01 | Feb 23, 2011 | SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. |
- CVE-2011-1060Feb 23, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
- CVE-2010-0672Feb 22, 2010risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
- CVE-2009-0704Feb 23, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action.
- CVE-2011-3820Sep 24, 2011risk 0.00cvss —epss 0.00
WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files.
- CVE-2011-1061Feb 23, 2011risk 0.00cvss —epss 0.01
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.