Enterprise Heart : Security Vulnerabilities, CVEs, CVSS score >= 4
SQL injection vulnerability in main.php in Enterprise Heart Enterprise Connector 1.0.2 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the loginid parameter, a different vulnerability than CVE-2005-3875.
Max CVSS
7.5
EPSS Score
1.04%
Published
2005-12-29
Updated
2017-07-20
Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the messageid parameter in (1) send.php or (2) a delete action in messages.php.
Max CVSS
7.5
EPSS Score
0.46%
Published
2005-11-29
Updated
2011-03-08
2 vulnerabilities found