CVE-2005-3814

CVE-2005-3814 affects SmartPPC Pro with multiple XSS flaws accessible through the username parameter in directory.php, frames.php, and search.php. The PT-2005-4562 entry confirms the vulnerabilities, noting no specific affected versions and indicating that a fix/version with patches is not listed...

CVE-2008-3152

The CVE-2008-3152 entry describes an SQL injection in directory.php affecting SmartPPC and SmartPPC Pro, exploitable via the idDirectory parameter to execute arbitrary SQL commands remotely. Public references (e.g., Exploit-DB entries) indicate availability of exploits, but the provided documents...