Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.
6AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
6AI Score
0.005EPSS
SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters.
8.8AI Score
0.007EPSS
Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp.
8.9AI Score
0.002EPSS
Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters.
8.9AI Score
0.037EPSS
Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (...
8.9AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. NOTE: some of these details are obtained from third party information.
6AI Score
0.005EPSS
SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter.
8.8AI Score
0.003EPSS
SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
8.4AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter.
5.7AI Score
0.003EPSS
SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
8.7AI Score
0.001EPSS
Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. NOTE: some of these d...
8.9AI Score
0.001EPSS