SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter.
Max CVSS
7.5
EPSS Score
0.65%
Published
2012-11-23
Updated
2013-04-19
The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.
Max CVSS
6.8
EPSS Score
2.10%
Published
2012-08-28
Updated
2013-04-19
2 vulnerabilities found