30 matches found
CVE-2006-6082
CVE-2006-6082 affects the CreaScripts Creadirectory component. The documented issue is multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the (1) cat parameter to addlisting.asp or (2) the search parameter to search.asp. The root cause is insufficient ...
PT-2006-6727 · Creascripts · Creascripts Creadirectory
Name of the Vulnerable Software and Affected Versions: CreaScripts Creadirectory affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, th...
PT-2006-6728 · Creascripts · Creascripts Creadirectory
Name of the Vulnerable Software and Affected Versions: CreaScripts Creadirectory affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the category parameter in the "search.asp" file. This can lead to unauthorized access and...
creadirectory [injection sql & xss]
vendor site: http://www.creascripts.com/ product:creadirectory bug: injection sql & xss risk : medium injection sql: /search.asp?search=1&submit=Search&category='sql xss: /addlisting.asp?cat=xss /search.asp?search=xss laurent gaffi & benjamin moss http://s-a-p.ca/ contact: [email protected]...
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to...
CreaDirectory 1.2 - search.asp?category SQL Injection
CreaDirectory 1.2 - search.asp?category SQL Injection source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficientl...
CreaDirectory 1.2 - addlisting.asp?cat Cross-Site Scripting
CreaDirectory 1.2 - addlisting.asp?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to...
CreaDirectory 1.2 - 'search.asp?search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...
CreaDirectory 1.2 - 'addlisting.asp?cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...
CreaDirectory 1.2 - 'search.asp?category' SQL Injection
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...