RSS   Vulnerabilities for 'Web hosting directory script'   RSS

2008-05-06
 
CVE-2008-2087

CWE-89
 

 
SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.

 
2005-11-25
 
CVE-2005-3817

 

 
Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module.

 

 >>> Vendor: Softbiz 10 Products
Web hosting directory script
Resource repository script
B2b trading marketplace script
FAQ
Image gallery
Dating script
Banner exchange
Recipes portal script
Freelancers script
Jokes and funny pictures script


Copyright 2024, cxsecurity.com

 

Back to Top