Vulnerabilities > Clicktech > High

DATE CVE VULNERABILITY TITLE RISK
2009-02-10 CVE-2009-0462 SQL Injection vulnerability in Clicktech Clickcart 6.0
Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp.
network
low complexity
clicktech CWE-89
7.5
2009-01-27 CVE-2009-0297 SQL Injection vulnerability in Clicktech Clickauction NIL
SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters.
network
low complexity
clicktech CWE-89
7.5
2007-06-26 CVE-2007-3411 SQL-Injection vulnerability in Clicktech Clickgallery 5.1
SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
network
low complexity
clicktech
7.5
2006-12-01 CVE-2006-6189 SQL Injection vulnerability in Clickblog Displaycalendar.ASP
SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter.
network
low complexity
clicktech
7.5
2006-12-01 CVE-2006-6187 SQL-Injection vulnerability in Clicktech Clickgallery 5.0
Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp.
network
low complexity
clicktech
7.5
2006-12-01 CVE-2006-6181 SQL Injection vulnerability in ClickContact Default.ASP
Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters.
network
low complexity
clicktech
7.5
2006-11-22 CVE-2006-6050 SQL Injection vulnerability in ClickTech Texas RankEm Player.ASP Tournaments.ASP
Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp.
network
low complexity
clicktech
7.5
2006-09-19 CVE-2006-4857 SQL Injection vulnerability in Clicktech Clickblog 2.0
SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters.
network
low complexity
clicktech
7.5