6 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter...
CVE-2014-2965
Cross-site scripting XSS vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter...
CVE-2014-2965
CVE-2014-2965 is a reflected XSS in SpamTitan’s management interface, affecting auth-settings-x.php prior to version 6.04. The vulnerability allows an attacker to inject arbitrary script via the sortdir parameter, executing in a user’s browser context. SpamTitan addressed this with a 6.04 patch; ...
Sql injection
Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to search.asp, 2 SortDir parameter to auctionsended.asp, and the 3 catid parameter to wishlist.php...
CVE-2009-0429
Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to search.asp, 2 SortDir parameter to auctionsended.asp, and the 3 catid parameter to wishlist.php...
CVE-2009-0429
Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to search.asp, 2 SortDir parameter to auctionsended.asp, and the 3 catid parameter to wishlist.php...