5 matches found
Sql injection
SQL injection vulnerability in the GridSupport GS Ticket System comgsticketsystem component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php...
Sql injection
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action...
Sql injection
SQL injection vulnerability in the Portfol comportfol 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in catalog.php in Smartscript Domain Trader 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a viewcategory action...
CVE-2008-0688
CVE-2008-0688 describes a cross-site scripting (XSS) vulnerability in the Smartscript Domain Trader 2.0 product, specifically in catalog.php. The flaw allows remote attackers to inject arbitrary web script or HTML via the id parameter in a viewcategory action. The connected records confirm the af...