Ringsworld: Security Vulnerabilities
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-12-04
Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
CVSS Score
7.5
EPSS Score
0.008
Published
2009-12-04
PHP remote file inclusion vulnerability in pntUnit/Inspect.php in phpPeanuts 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter.
CVSS Score
7.5
EPSS Score
0.142
Published
2006-11-17