Valarsoft : Security Vulnerabilities, CVEs, CVSS score >= 5
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
Max CVSS
6.8
EPSS Score
39.39%
Published
2012-07-12
Updated
2018-05-29
SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-07-08
Updated
2017-08-29
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-12-22
Updated
2009-12-23
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.15%
Published
2008-06-30
Updated
2017-08-08
Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area."
Max CVSS
7.5
EPSS Score
0.51%
Published
2007-07-12
Updated
2012-10-31
SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.57%
Published
2007-07-10
Updated
2011-03-08
Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) P_LIB and (2) P_INDEX parameters.
Max CVSS
7.5
EPSS Score
10.08%
Published
2007-02-08
Updated
2017-10-19
7 vulnerabilities found