Khader Abbeb : Security Vulnerabilities, CVEs,
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.
Max CVSS
7.5
EPSS Score
0.12%
Published
2011-10-09
Updated
2012-05-14
Cross-site scripting (XSS) vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Max CVSS
4.3
EPSS Score
0.13%
Published
2011-10-09
Updated
2012-05-14
2 vulnerabilities found