Ricardo Alexandre De Oliveira Staudt Yogurt vulnerabilities
2 known vulnerabilities affecting ricardo_alexandre_de_oliveira_staudt/yogurt.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-2034P4MEDIUMCVSS 6.0PoCv0.32009-06-12
CVE-2009-2034 [MEDIUM] CWE-89 CVE-2009-2034: SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, all
SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, allows remote authenticated users to execute arbitrary SQL commands via the original parameter.
nvd
CVE-2009-2033P4MEDIUMCVSS 4.3PoCv0.32009-06-12
CVE-2009-2033 [MEDIUM] CWE-79 CVE-2009-2033: Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to injec
Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
nvd