MidnightBSD

Advisories for webmanager-pro

CVE-2010-4899 HIGH

SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
webmanager-pro cms_webmanager-pro *
CVE-2010-4900 MEDIUM

Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
webmanager-pro cms_webmanager-pro *
webmanager-pro cms_webmanager-pro 7.4.3