Lucene search
Digitizing Quote And Ordering System Security Vulnerabilities
cve
SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter.
8.3AI Score
0.002EPSS
2007-01-09 06:00 PM
15
cve
Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter.
5.3AI Score
0.005EPSS
2007-01-09 06:28 PM
30