PT-2006-6786 · Vspin.Net · Vspin.Net Classified System 2004

Name of the Vulnerable Software and Affected Versions: vSpin.net Classified System 2004 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters in two different ASP files: - The cat parameter to "cat.asp", - The keyword, order,...

PT-2006-6787 · Vspin.Net · Vspin.Net Classified System 2004

Name of the Vulnerable Software and Affected Versions: vSpin.net Classified System 2004 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities can be...

CVE-2005-2046

Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 iCat parameter to cat.asp, 2 iSub parameter to sub.asp, 3 iSub parameter to detail.asp, 4 iPro parameter to review.asp, iCat parameter to 5 catEdit.asp, 6...