Vulnerabilities > Activewebsoftwares > Active Business Directory
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-30 | CVE-2009-4464 | Cross-Site Scripting vulnerability in Activewebsoftwares Active Business Directory 2.0 Cross-site scripting (XSS) vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
| 2009-01-27 | CVE-2008-5972 | SQL Injection vulnerability in Activewebsoftwares Active Business Directory 2 SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |