Lucene search
+L

5 matches found

cvelist
cvelist
added 2010/07/30 8:0 p.m.21 views

CVE-2010-2917

Multiple cross-site scripting XSS vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 emailid, 2 fname, 3 lname, 4 company, 5 address1, 6 address2, 7 city, 8 state, 9 zipcode, 10 phone, and 11 fax parameters in an update...

5.8AI score0.0172EPSS
Exploits1References6
cve
cve
added 2010/07/30 8:0 p.m.49 views

CVE-2010-2917

AJ Square AJ Article 3.0 contains multiple XSS flaws in index.php exploitable via update action parameters (emailid, fname, lname, company, address1, address2, city, state, zipcode, phone, fax). Root cause is unsanitized input leading to script/HTML injection. CVE-2010-2917 has multiple reference...

4.3CVSS5.9AI score0.0172EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2009/08/24 10:30 a.m.15 views

CVE-2008-7051

AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to 1 user.php, 2 articles.php, 3 articlesuspend.php, 4 site.php, 5 statistics.php, 6 mail.php, 7 category.php, 8 subcategory.php, 9 changepassword.php, 10 polling.php,...

7.5CVSS6.9AI score0.02511EPSS
Exploits1References3
prion
prion
added 2009/04/14 4:26 p.m.19 views

Sql injection

SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter aka the username field...

7.5CVSS9.1AI score0.00967EPSS
Exploits1References3
cve
cve
added 2009/04/14 4:0 p.m.48 views

CVE-2008-6721

AJ Square AJ Article is affected by a SQL injection in index.php, exploitable via the txtName parameter (username field). The vulnerability is documented in CVE-2008-6721 with a base CVSS v2 score of 7.5 (HIGH) and shows network attack vector, low complexity, no authentication required, and parti...

7.5CVSS8.7AI score0.00967EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder