Vulnerabilities > Itechscripts

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-29	CVE-2017-15963	SQL Injection vulnerability in Itechscripts Gigs Script 1.21 iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. network low complexity itechscripts CWE-89	7.5
2015-01-13	CVE-2014-100020	SQL Injection vulnerability in Itechscripts Itechclassifieds 3.03.057 SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. network low complexity itechscripts CWE-89	7.5
2012-08-13	CVE-2012-4281	SQL Injection vulnerability in Itechscripts Travelon Express 6.2.2 Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid parameter to admin/customer-edit.php. network low complexity itechscripts CWE-89	7.5
2012-08-13	CVE-2012-4266	Cross-Site Scripting vulnerability in Itechscripts Proman Xpress 5.0.1 Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. network itechscripts CWE-79	4.3
2012-08-13	CVE-2012-4265	SQL Injection vulnerability in Itechscripts Proman Xpress 5.0.1 SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. network low complexity itechscripts CWE-89	7.5
2012-05-27	CVE-2012-2939	Remote vulnerability in Itechscripts Travelon Express 6.2.2 Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. network low complexity itechscripts	6.5
2012-05-27	CVE-2012-2938	Cross-Site Scripting vulnerability in Itechscripts Travelon Express 6.2.2 Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php. network itechscripts CWE-79	4.3
2009-11-18	CVE-2009-3968	SQL Injection vulnerability in Itechscripts Itechbids 8.0 Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. network low complexity itechscripts CWE-89	7.5
2008-11-01	CVE-2008-4872	Cross-Site Scripting vulnerability in Itechscripts Itechbids 5.0 Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. network itechscripts CWE-79	4.3
2008-07-21	CVE-2008-3238	SQL Injection vulnerability in Itechscripts Itechbids 7.0 Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php. network low complexity itechscripts CWE-89	7.5

Vulnerabilities > Itechscripts {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Itechscripts"}]}

Vulnerabilities > Itechscripts