3 matches found
CVE-2008-7051
AJ Square AJ Article is affected by CVE-2008-7051, where remote attackers can bypass authentication and access administrator functionality by directly requesting any of the admin scripts: user.php, articles.php, articlesuspend.php, site.php, statistics.php, mail.php, category.php, subcategory.php...
CVE-2010-2917
AJ Square AJ Article 3.0 contains multiple XSS flaws in index.php exploitable via update action parameters (emailid, fname, lname, company, address1, address2, city, state, zipcode, phone, fax). Root cause is unsanitized input leading to script/HTML injection. CVE-2010-2917 has multiple reference...
CVE-2008-6721
AJ Square AJ Article is affected by a SQL injection in index.php, exploitable via the txtName parameter (username field). The vulnerability is documented in CVE-2008-6721 with a base CVSS v2 score of 7.5 (HIGH) and shows network attack vector, low complexity, no authentication required, and parti...