Evo-Dev: Security Vulnerabilities
SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters.
CVSS Score
6.4
EPSS Score
0.006
Published
2006-05-12
Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters.
CVSS Score
4.3
EPSS Score
0.004
Published
2006-03-09