30 matches found
CVE-2006-6083
The CVE-2006-6083 entry affects CreaScripts Creadirectory : the vulnerability is an SQL injection in the search.asp page where the category parameter is unsafely used. This allows remote attackers to execute arbitrary SQL commands. The known impact is consistent with an attacker gaining unauthori...
PT-2006-6727 · Creascripts · Creascripts Creadirectory
Name of the Vulnerable Software and Affected Versions: CreaScripts Creadirectory affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, th...
PT-2006-6728 · Creascripts · Creascripts Creadirectory
Name of the Vulnerable Software and Affected Versions: CreaScripts Creadirectory affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the category parameter in the "search.asp" file. This can lead to unauthorized access and...
creadirectory [injection sql & xss]
vendor site: http://www.creascripts.com/ product:creadirectory bug: injection sql & xss risk : medium injection sql: /search.asp?search=1&submit=Search&category='sql xss: /addlisting.asp?cat=xss /search.asp?search=xss laurent gaffi & benjamin moss http://s-a-p.ca/ contact: [email protected]...
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting
CreaDirectory 1.2 - search.asp?search Cross-Site Scripting source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to...
CreaDirectory 1.2 - search.asp?category SQL Injection
CreaDirectory 1.2 - search.asp?category SQL Injection source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficientl...
CreaDirectory 1.2 - addlisting.asp?cat Cross-Site Scripting
CreaDirectory 1.2 - addlisting.asp?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to...
CreaDirectory 1.2 - 'search.asp?search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...
CreaDirectory 1.2 - 'addlisting.asp?cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...
CreaDirectory 1.2 - 'search.asp?category' SQL Injection
source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...