Free Lan Intra Internet Portal: >> Free Lan Intra Internet Portal >> 1.0_rc1 Security Vulnerabilities
Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions.
CVSS Score
7.5
EPSS Score
0.005
Published
2007-02-03
Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.
CVSS Score
6.8
EPSS Score
0.005
Published
2007-02-03