2 matches found
CVE-2008-2843
CVE-2008-2843 affects doITLive CMS 2.50 and earlier, with multiple SQL injection paths allowing remote attackers to execute arbitrary SQL via (1) the ID parameter in an USUB action to default.asp and (2) the Licence[SpecialLicenseNumber] cookie (LicenceId) to edit/default.asp. The available docum...
CVE-2008-2842
The CVE-2008-2842 entry describes a cross-site scripting (XSS) vulnerability in doITLive CMS versions 2.50 and earlier. The issue affects the edit/showmedia.asp path where the FILE parameter can be exploited to inject arbitrary web script or HTML. The provided documents do not specify affected ve...