Pear » Structures Datagrid Datasource Mdb2 : Security Vulnerabilities, CVEs,

CVE-2007-5934

The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2 application, as demonstrated by a file:// URL or a URL for an intranet web site.
Max CVSS
4.3
EPSS Score
0.66%
Published
2007-11-13
Updated
2011-03-08

CVE-2007-3628

Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries."
Max CVSS
5.0
EPSS Score
0.21%
Published
2007-07-09
Updated
2011-03-08
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close