Vulnerabilities (CVE)

Filtered by vendor Saphp Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-3363 1 Saphp 1 Saphplesson 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
CVE-2006-3161 1 Saphp 1 Saphplesson 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the action parameter.