Filtered by vendor Spirate Subscriptions
Filtered by product Small Pirate Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-4937 1 Spirate 1 Small Pirate 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an img BBCode tag within a url BBCode tag.
CVE-2009-4936 1 Spirate 1 Small Pirate 2024-11-21 N/A
Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-comment_post.php (aka rss-coment_post.php), or (5) rss-pic-comment.php.