4 matches found
CreaDirectory 1.2 search.asp search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize...
Sql injection
SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083...
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to...
CreaDirectory 1.2 - 'addlisting.asp?cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...