RSS   Vulnerabilities for
'Digitizing quote and ordering system'
   RSS

2007-01-09
 
CVE-2007-0144

 

 
Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter.

 
2006-12-31
 
CVE-2006-6911

 

 
SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top