Vulnerabilities (CVE)

Vendor filter

Valarsoft Subscribe

Filter

9 total CVE
CVE Vendors Products Updated CVSS
CVE-2012-3350 2 Wafer, Valarsoft 2 Webmatic, Webmatic 2018-05-29 6.8
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
CVE-2007-0839 1 Valarsoft 1 Webmatic 2017-10-19 7.5
Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) P_LIB and (2) P_INDEX parameters.
CVE-2010-4808 1 Valarsoft 1 Webmatic 2017-08-29 7.5
SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2008-2925 1 Valarsoft 1 Webmatic 2017-08-08 7.5
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2924 1 Valarsoft 1 Webmatic 2017-08-08 4.3
Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-3727 1 Valarsoft 1 Webmatic 2012-10-31 7.5
Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area."
CVE-2007-3648 1 Valarsoft 1 Webmatic 2011-03-08 7.5
SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and...
CVE-2009-4380 1 Valarsoft 1 Webmatic 2009-12-23 7.5
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925.
CVE-2009-4379 1 Valarsoft 1 Webmatic 2009-12-23 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-2924.