| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1154 | 6.8 |
SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782. Successful exploitation requires that "magic_quotes_gpc" is disabled. Affected produ
|
16-10-2018 - 16:36 | 02-03-2007 - 21:18 | |
| CVE-2007-1160 | 10.0 |
webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782. This vulnerability may affect more recent versions of the product as well. (WebSPELL, WebS
|
16-10-2018 - 16:36 | 02-03-2007 - 21:18 | |
| CVE-2007-1155 | 4.6 |
Unrestricted file upload vulnerability in webSPELL allows remote authenticated administrators to upload and execute arbitrary PHP code via the add squad feature. NOTE: this issue may be an administrative feature, in which case this CVE may be REJECT
|
16-10-2018 - 16:36 | 02-03-2007 - 21:18 |