Filtered by vendor Neocrome
Subscribe
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2669 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | |||||
| CVE-2005-2675 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 7.5 HIGH | N/A |
| Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected. | |||||
| CVE-2005-2788 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 and earlier allow remote attackers to execute arbitrary SQL commands via the c parameter to (1) events.php, (2) index.php, or (3) list.php. | |||||
| CVE-2005-2780 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature. | |||||