Vulnerabilities > Ajsquare > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-07-30 | CVE-2010-2916 | SQL Injection vulnerability in Ajsquare AJ Hyip Meridian SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2010-07-30 | CVE-2010-2915 | SQL Injection vulnerability in Ajsquare AJ Hyip Prime SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2010-05-12 | CVE-2010-1876 | SQL Injection vulnerability in Ajsquare AJ Shopping Cart 1.0 SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action. | 7.5 |
| 2009-09-16 | CVE-2009-3203 | SQL Injection vulnerability in Ajsquare AJ Auction Pro-Oopd 2.0 SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2009-08-24 | CVE-2008-7051 | Improper Authentication vulnerability in Ajsquare AJ Article AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php, (9) changepassword.php, (10) polling.php, and (11) logo.php in admin/. | 7.5 |
| 2009-08-24 | CVE-2008-7044 | SQL Injection vulnerability in Ajsquare Free Polling Script SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter. | 7.5 |
| 2009-08-24 | CVE-2008-7041 | Improper Authentication vulnerability in Ajsquare AJ Classifieds AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php. | 7.5 |
| 2009-08-17 | CVE-2009-2779 | SQL Injection vulnerability in Ajsquare AJ Matrix DNA SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action. | 7.5 |
| 2009-04-14 | CVE-2008-6721 | SQL Injection vulnerability in Ajsquare AJ Article SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). | 7.5 |