Vulnerabilities (CVE)

Filtered by vendor Mealex Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-3064 1 Mealex 1 My Datebook 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in diary.php in My Databook allows remote attackers to inject arbitrary web script or HTML via the year parameter.
CVE-2007-3063 1 Mealex 1 My Databook 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter.