Vulnerabilities > Application Dynamics

DATE	CVE	VULNERABILITY TITLE	RISK
2008-06-30	CVE-2008-2918	SQL Injection vulnerability in Application Dynamics Cartweaver 3.0 SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3. network low complexity application-dynamics CWE-89	7.5
2006-04-26	CVE-2006-2047	SQL-Injection vulnerability in Application Dynamics Cartweaver Coldfusion 2.16.11 Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows remote attackers to obtain sensitive information via an invalid (1) secondary, (2) PageNum_Results, (3) category, or (4) keywords parameter in (a) Results.cfm; or an invalid (5) ProdID parameter in (b) Details.cfm; which reveal the path in various error messages. network low complexity application-dynamics	5.0
2006-04-26	CVE-2006-2046	SQL Injection vulnerability in Application Dynamics Cartweaver ColdFusion Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm. network low complexity application-dynamics	6.4

Vulnerabilities > Application Dynamics {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Application Dynamics"}]}