RSS   Vulnerabilities for 'Property site manager'   RSS

2006-12-22
 
CVE-2006-6709

 

 
Multiple SQL injection vulnerabilities in MGinternet Property Site Manager allow remote attackers to execute arbitrary SQL commands via the (1) p parameter to (a) detail.asp; the (2) l, (3) typ, or (4) loc parameter to (b) listings.asp; or the (5) Password or (6) Username parameter to (c) admin_login.asp. NOTE: some of these details are obtained from third party information.

 
 
CVE-2006-6708

 

 
Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet Property Site Manager allows remote attackers to inject arbitrary web script or HTML via the s parameter.

 

 >>> Vendor: Mginternet 2 Products
Car site manager
Property site manager


Copyright 2024, cxsecurity.com

 

Back to Top