Filtered by vendor Mcrefer
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1073 | 1 Mcrefer | 1 Mcrefer | 2018-10-16 | 10.0 HIGH | N/A |
| Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php. | |||||
| CVE-2007-0875 | 1 Mcrefer | 1 Mcrefer | 2018-10-16 | 7.5 HIGH | N/A |
| ** DISPUTED ** SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database. | |||||