CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-08-08
N/A
N/A
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action.
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-08-08
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field.
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-08-08
N/A
N/A
SQL injection vulnerability in links.asp in Active Price Comparison 4.0 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields.
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-09-29
N/A
N/A
SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-09-29
N/A
N/A
SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execute arbitrary SQL commands via the id parameter.
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1292.