Vulnerabilities > Clicktech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-10 | CVE-2009-0462 | SQL Injection vulnerability in Clicktech Clickcart 6.0 Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. | 7.5 |
| 2009-01-27 | CVE-2009-0297 | SQL Injection vulnerability in Clicktech Clickauction NIL SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. | 7.5 |
| 2007-06-26 | CVE-2007-3412 | Cross-Site Scripting vulnerability in Clicktech Clickgallery 5.1 Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. network clicktech | 4.3 |
| 2007-06-26 | CVE-2007-3411 | SQL-Injection vulnerability in Clicktech Clickgallery 5.1 SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | 7.5 |
| 2006-12-01 | CVE-2006-6189 | SQL Injection vulnerability in Clickblog Displaycalendar.ASP SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter. | 7.5 |
| 2006-12-01 | CVE-2006-6188 | Cross-Site Scripting vulnerability in Clicktech Clickgallery 5.0 Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. network clicktech | 4.3 |
| 2006-12-01 | CVE-2006-6187 | SQL-Injection vulnerability in Clicktech Clickgallery 5.0 Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp. | 7.5 |
| 2006-12-01 | CVE-2006-6181 | SQL Injection vulnerability in ClickContact Default.ASP Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters. | 7.5 |
| 2006-11-22 | CVE-2006-6050 | SQL Injection vulnerability in ClickTech Texas RankEm Player.ASP Tournaments.ASP Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp. | 7.5 |
| 2006-09-19 | CVE-2006-4857 | SQL Injection vulnerability in Clicktech Clickblog 2.0 SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters. | 7.5 |