Vulnerabilities > Ajsquare > AJ Auction PRO Oopd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-25 | CVE-2009-4989 | Cross-Site Scripting vulnerability in Ajsquare AJ Auction Pro-Oopd 3.0 Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action. | 4.3 |
| 2009-09-16 | CVE-2009-3203 | SQL Injection vulnerability in Ajsquare AJ Auction Pro-Oopd 2.0 SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |