CVE-2006-6187

Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the 1 currentpage or 2 galleryid parameter to a viewgallery.asp, the 3 imageid parameter to b downloadimage.asp, the currentpage or 5 orderby parameter to c gallery.asp, ...

CVE-2006-6188

Cross-site scripting XSS vulnerability in viewsearch.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. NOTE: some of these details are obtained from third party information...

CVE-2006-6189

SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter...

CVE-2006-6181

Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the 1 AlphaSort, 2 In, and 3 orderby parameters...

CVE-2006-6181

Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the 1 AlphaSort, 2 In, and 3 orderby parameters...

CVE-2006-6188

Cross-site scripting XSS vulnerability in viewsearch.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. NOTE: some of these details are obtained from third party information...

CVE-2006-6189

CVE-2006-6189 describes an SQL injection in the web application component displayCalendar.asp of ClickTech Click Blog . The vulnerability allows remote attackers to inject arbitrary SQL commands via the date parameter, leading to potential data exposure or manipulation. The existing connected sou...

CVE-2006-6188

CVE-2006-6188 is a Cross-site Scripting (XSS) vulnerability in ClickTech Click Gallery (view_search.asp) that can be exploited via the txtKeyWord parameter to inject arbitrary script/HTML. Affected: ClickTech Click Gallery; vulnerable component: view_search.asp. Root cause: improper neutralizatio...

CVE-2006-6187

Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the 1 currentpage or 2 galleryid parameter to a viewgallery.asp, the 3 imageid parameter to b downloadimage.asp, the currentpage or 5 orderby parameter to c gallery.asp, ...

CVE-2006-6181

CVE-2006-6181 refers to multiple SQL injection vulnerabilities in default.asp of ClickTech ClickContact. The issue allows remote attackers to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters, indicating a failure to sanitize user input in query construction...

CVE-2006-6187

CVE-2006-6187 involves multiple SQL injection vulnerabilities in ClickTech Click Gallery. The affected components are the web-facing scripts: view_gallery.asp (parameters: currentpage, gallery_id), download_image.asp (parameter: image_id), gallery.asp (parameter: orderby), and view_recent.asp (pa...

CVE-2006-6189

SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter...

CVE-2006-6050

Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the 1 selPlayer parameter to player.asp or the 2 tournamentid parameter to tournaments.asp...

CVE-2006-6050

CVE-2006-6050 involves multiple SQL injection vulnerabilities in ClickTech Texas Rank'em. The affected components are the web application endpoints that accept user input: the 1) selPlayer parameter to player.asp and the 2) tournament_id parameter to tournaments.asp. The root cause is improper in...

CVE-2006-6050

Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the 1 selPlayer parameter to player.asp or the 2 tournamentid parameter to tournaments.asp...

Texas Rankem - selPlayer SQL Injection

Texas Rankem - selPlayer SQL Injection source: https://www.securityfocus.com/bid/21168/info ClickTech Texas Rank'em is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

CVE-2006-4857

SQL injection vulnerability in default.asp aka the login page in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 formcodeword aka the Password field parameters...

CVE-2006-4857

CVE-2006-4857 is an SQL injection vulnerability in the default.asp login page of ClickTech ClickBlog 2.0. The issue permits remote attackers to execute arbitrary SQL commands via the username and form_codeword parameters. The vulnerability is categorized with a high base score (CVSS v2: 7.5; Netw...

CVE-2006-4857

SQL injection vulnerability in default.asp aka the login page in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 formcodeword aka the Password field parameters...

CVE-2006-3029

Cross-site scripting XSS vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter...