Dustincowell Free Simple Software vulnerabilities
2 known vulnerabilities affecting dustincowell/free_simple_software.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2010-4298P3HIGHCVSS 7.5PoCv1.02010-11-26
CVE-2010-4298 [HIGH] CWE-89 CVE-2010-4298: SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attacke
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
nvd
CVE-2010-4311P4MEDIUMCVSS 5.0v1.02010-11-26
CVE-2010-4311 [MEDIUM] CWE-310 CVE-2010-4311: Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to
Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.
nvd