MidnightBSD

Advisories for vego

CVE-2006-0065 HIGH

SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_display.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
vego vego_web_forum *
CVE-2006-0067 HIGH

SQL injection vulnerability in login.php in VEGO Links Builder 2.00 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
vego vego_links_builder *