MidnightBSD

Advisories for laubrotel

CVE-2010-2438 HIGH

SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
laubrotel g.cms_generator *
CVE-2022-3097

The Plugin LBstopattack WordPress plugin before 1.1.3 does not use nonces when saving its settings, making it possible for attackers to conduct CSRF attacks. This could allow attackers to disable the plugin's protections.

Products Affected

Vendor Product Version
laubrotel lbstopattack *