2 matches found
CVE-2010-2699
CVE-2010-2699 : There is a SQL injection in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) via the search parameter in index.php. The root cause is improper input handling in the search field, allowing remote attackers to execute arbitrary SQL commands. Affected software is CBQuick’s i...
CVE-2010-2700
CVE-2010-2700 is an XSS vulnerability in the Edge PHP CBQuick script (index.php) where an attacker can inject arbitrary script/HTML via the search parameter. Affected component: CBQuick’s index.php. Root cause: failure to properly sanitize user input for the search parameter, enabling reflected/s...