Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-4016 | 7.5 |
SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php.
|
08-03-2011 - 02:27 | 05-12-2005 - 11:03 | |
CVE-2005-4017 | 5.0 |
property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.
|
20-09-2008 - 04:41 | 05-12-2005 - 11:03 |