Vulnerabilities > Itechscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-16 | CVE-2017-20135 | SQL Injection vulnerability in Itechscripts Dating Script 3.26 A vulnerability classified as critical was found in Itech Dating Script 3.26. | 9.8 |
2022-07-16 | CVE-2017-20136 | SQL Injection vulnerability in Itechscripts Classifieds Script 7.27 A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. | 5.0 |
2022-07-16 | CVE-2017-20137 | SQL Injection vulnerability in Itechscripts B2B Script 4.28 A vulnerability was found in Itech B2B Script 4.28. | 5.0 |
2022-07-16 | CVE-2017-20138 | SQL Injection vulnerability in Itechscripts Auction Script 6.49 A vulnerability was found in Itech Auction Script 6.49. | 7.5 |
2017-10-29 | CVE-2017-15963 | SQL Injection vulnerability in Itechscripts Gigs Script 1.21 iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. | 7.5 |
2015-01-13 | CVE-2014-100020 | SQL Injection vulnerability in Itechscripts Itechclassifieds 3.03.057 SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. | 7.5 |
2012-08-13 | CVE-2012-4281 | SQL Injection vulnerability in Itechscripts Travelon Express 6.2.2 Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid parameter to admin/customer-edit.php. | 7.5 |
2012-08-13 | CVE-2012-4266 | Cross-Site Scripting vulnerability in Itechscripts Proman Xpress 5.0.1 Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. | 4.3 |
2012-08-13 | CVE-2012-4265 | SQL Injection vulnerability in Itechscripts Proman Xpress 5.0.1 SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2012-05-27 | CVE-2012-2939 | Remote vulnerability in Itechscripts Travelon Express 6.2.2 Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. | 6.5 |