Vulnerabilities > Codetoad

DATE CVE VULNERABILITY TITLE RISK
2009-08-03 CVE-2008-6891 Cross-Site Scripting vulnerability in Codetoad ASP Forum Script
Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter to (a) new_message.asp and (b) messages.asp, and the (2) query string to default.asp.
network
codetoad CWE-79
4.3
2009-08-03 CVE-2008-6890 SQL Injection vulnerability in Codetoad ASP Forum Script
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
network
low complexity
codetoad CWE-89
7.5
2009-03-20 CVE-2008-6500 Cross-Site Scripting vulnerability in Codetoad ASP Shopping Cart Script
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
network
codetoad CWE-79
4.3