MidnightBSD

Advisories for tunez

CVE-2004-2349 HIGH

Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tunez tunez 1.20_pre1
tunez tunez 1.20_pre2
tunez tunez 1.15
tunez tunez 1.20_rc1
tunez tunez 0.9
tunez tunez 1.1
tunez tunez 1.0
CVE-2005-3833 HIGH

SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tunez tunez 1.21
tunez tunez 0.5
tunez tunez 1.20
tunez tunez 0.4
tunez tunez 0.3
tunez tunez 0.9
tunez tunez 0.2
tunez tunez 1.0.0
tunez tunez 1.15
tunez tunez 0.1
tunez tunez 1.1
tunez tunez 0.7
tunez tunez 0.5.5
CVE-2005-3834 MEDIUM

Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tunez tunez 1.21
tunez tunez 0.5
tunez tunez 1.20
tunez tunez 0.4
tunez tunez 0.3
tunez tunez 0.9
tunez tunez 0.2
tunez tunez 1.0.0
tunez tunez 1.15
tunez tunez 0.1
tunez tunez 1.1
tunez tunez 0.7
tunez tunez 0.5.5