| Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4145 | 6.8 |
SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
|
29-09-2017 - 01:32 | 24-09-2008 - 05:41 | |
| CVE-2008-4146 | 5.0 |
Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve web-site additions via a modified approved field and (2) change the visit-counter value via a modified counter field.
|
29-09-2017 - 01:32 | 24-09-2008 - 05:41 |