Gregarius : Security Vulnerabilities, CVEs,
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
Max CVSS
7.5
EPSS Score
0.34%
Published
2008-07-30
Updated
2018-10-11
Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.
Max CVSS
6.4
EPSS Score
0.60%
Published
2006-03-07
Updated
2018-10-18
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
Max CVSS
4.3
EPSS Score
0.62%
Published
2006-03-07
Updated
2018-10-18
3 vulnerabilities found