Vulnerabilities (CVE)

Filtered by vendor Webmastersite Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3820 1 Webmastersite 1 Wsn Software 2024-11-21 5.0 MEDIUM N/A
WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files.
CVE-2011-1061 1 Webmastersite 1 Wsn Guest 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.
CVE-2011-1060 1 Webmastersite 1 Wsn Guest 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
CVE-2010-0672 1 Webmastersite 1 Wsn Guest 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
CVE-2009-0704 1 Webmastersite 1 Wsn Guest 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action.