Greg Neustaetter: >> Gcards >> 1.13 Security Vulnerabilities
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
CVSS Score
7.5
EPSS Score
0.026
Published
2007-06-01
PHP remote file inclusion vulnerability in addnews.php in Greg Neustaetter gCards 1.13 allows remote attackers to execute arbitrary PHP code via a URL in the languagefile parameter. NOTE: another researcher has observed that languageFile is defined before use. CVE analysis as of 20061012 concurs with the dispute
CVSS Score
7.5
EPSS Score
0.007
Published
2006-10-12