Jaia Interactive: Security Vulnerabilities
SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action.
CVSS Score
6.5
EPSS Score
0.002
Published
2009-02-27
SQL injection vulnerability in search.php in MyTopix 1.2.3 allows remote attackers to execute arbitrary SQL commands via the (1) mid and (2) keywords parameters.
CVSS Score
7.5
EPSS Score
0.006
Published
2006-02-08
MyTopix 1.2.3 allows remote attackers to obtain the installation path via a direct request to logon.mod.php, which leaks the path in an error message.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-02-08
MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to index.php, which leads to path disclosure, possibly related to invalid SQL syntax.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-02-08