Vulnerabilities (CVE)

Filtered by vendor Stefan Frech Subscribe
Filtered by product Online-bookmarks
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6358 1 Stefan Frech 1 Online-bookmarks 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in the login function in auth.inc in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to execute arbitrary SQL commands via the (1) username and possibly the (2) password parameter. NOTE: some of these details are obtained from third party information.
CVE-2006-6359 1 Stefan Frech 1 Online-bookmarks 2024-02-04 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.