Vulnerabilities > 2Daybiz

DATE CVE VULNERABILITY TITLE RISK
2012-10-25 CVE-2011-5215 SQL Injection vulnerability in 2Daybiz Video Community Portal Script
SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
2daybiz CWE-89
7.5
2011-11-02 CVE-2010-5019 SQL Injection vulnerability in 2Daybiz Online Classified Script
SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
network
low complexity
2daybiz CWE-89
7.5
2011-11-02 CVE-2010-5018 Cross-Site Scripting vulnerability in 2Daybiz Online Classified Script
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
network
2daybiz CWE-79
4.3
2011-11-02 CVE-2010-5015 SQL Injection vulnerability in 2Daybiz Network Community Script
SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
network
low complexity
2daybiz CWE-89
7.5
2011-11-02 CVE-2010-5004 SQL Injection vulnerability in 2Daybiz Polls Script
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
network
low complexity
2daybiz CWE-89
7.5
2010-07-12 CVE-2010-2692 Cross-Site Scripting vulnerability in 2Daybiz Custom T-Shirt Design Script
Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt Design Script allows remote attackers to inject arbitrary web script or HTML via a review comment.
network
2daybiz CWE-79
4.3
2010-07-12 CVE-2010-2691 SQL Injection vulnerability in 2Daybiz Custom T-Shirt Design Script
Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Design Script allow remote attackers to execute arbitrary SQL commands via the (1) sbid parameter to products_details.php, (2) pid parameter to products/products.php, and (3) designid parameter to designview.php.
network
low complexity
2daybiz CWE-89
7.5
2010-07-02 CVE-2010-2610 SQL Injection vulnerability in 2Daybiz JOB Site Script
Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php.
network
low complexity
2daybiz CWE-89
7.5
2010-07-02 CVE-2010-2609 SQL Injection vulnerability in 2Daybiz JOB Search Engine Script
SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
network
low complexity
2daybiz CWE-89
7.5
2010-06-29 CVE-2010-2516 SQL Injection vulnerability in 2Daybiz Multi Level Marketing Software
Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php.
network
low complexity
2daybiz CWE-89
7.5