Vulnerabilities > Andrew Freed

DATE	CVE	VULNERABILITY TITLE	RISK
2009-03-05	CVE-2009-0830	Cross-Site Scripting vulnerability in Andrew Freed Quotebook Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php. network andrew-freed CWE-79	4.3
2009-03-05	CVE-2009-0829	SQL Injection vulnerability in Andrew Freed Quotebook Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. network low complexity andrew-freed CWE-89	7.5

Vulnerabilities > Andrew Freed {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Andrew Freed"}]}