RSS   Podatności dla 'Active auction house'   RSS

2007-03-27
 
CVE-2007-1712

 
 
SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

 
2005-05-02
 
CVE-2005-1030

 
 
Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.

 
2005-04-06
 
CVE-2005-1029

 
 
Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp.

 

 >>> Vendor: Active web softwares 6 Produkty
Active auction house
Activebuyandsell
Active photo gallery
Active link engine
Active newsletter
Active test

Copyright 2024, cxsecurity.com

 

Back to Top