MidnightBSD

Advisories for shawn_bradley

CVE-2012-6504 HIGH

SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
shawn_bradley php_volunteer_management 1.0.2
CVE-2012-6505 MEDIUM

Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
shawn_bradley php_volunteer_management 1.0.2
CVE-2012-6516 HIGH

SQL injection vulnerability in PHP Ticket System Beta 1 allows remote attackers to execute arbitrary SQL commands via the q parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
shawn_bradley php_ticket_system 1.0