MidnightBSD

Advisories for french_national_commission_on_informatics_and_liberty

CVE-2014-8351 HIGH

SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
french_national_commission_on_informatics_and_liberty cookieviz *
CVE-2014-8352 MEDIUM

Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz allows remote we servers to inject arbitrary web script or HTML via the max_date parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
french_national_commission_on_informatics_and_liberty cookieviz -