Bpowerhouse: Security Vulnerabilities
SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
6.8
EPSS Score
0.003
Published
2010-01-04
SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVSS Score
7.5
EPSS Score
0.008
Published
2009-09-30
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-09-30
SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-09-30
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-09-30
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
CVSS Score
7.5
EPSS Score
0.008
Published
2009-09-30
Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
CVSS Score
7.5
EPSS Score
0.015
Published
2008-12-16
Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
CVSS Score
7.5
EPSS Score
0.017
Published
2008-12-16