Vulnerabilities (CVE)

Filtered by vendor Almnzm Subscribe
Filtered by product Almnzm
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-5055 1 Almnzm 1 Almnzm 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3173 1 Almnzm 1 Almnzm 2024-02-04 5.0 MEDIUM N/A
Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters.