Phpsugar : Security Vulnerabilities, CVEs,

CVE-2018-5211

PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
Max CVSS
9.8
EPSS Score
0.21%
Published
2018-01-09
Updated
2018-01-31

CVE-2017-15648

In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-10-19
Updated
2017-11-07

CVE-2017-15579

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
Max CVSS
9.8
EPSS Score
0.16%
Published
2017-10-18
Updated
2017-11-08

CVE-2017-15578

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
Max CVSS
8.8
EPSS Score
0.08%
Published
2017-10-18
Updated
2017-11-08

CVE-2017-15081

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
Max CVSS
9.8
EPSS Score
0.95%
Published
2017-10-24
Updated
2017-11-14

CVE-2009-2895

SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-08-20
Updated
2017-09-19
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close