Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eqdkp | eqdkp | 1.1.0 |
| eqdkp | eqdkp | 1.0.0 |
| eqdkp | eqdkp | 1.2.0 |
PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eqdkp | eqdkp | 1.1.0 |
| eqdkp | eqdkp | 1.3.0 |
| eqdkp | eqdkp | 1.3_p4 |
| eqdkp | eqdkp | 1.2.0 |