Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2007-4845
Disclosure Date: September 12, 2007 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter.
0
Attacker Value
Unknown
CVE-2006-3517
Disclosure Date: July 11, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
0
