Vulnerabilities > Itechscripts > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-16 CVE-2017-20138 SQL Injection vulnerability in Itechscripts Auction Script 6.49
A vulnerability was found in Itech Auction Script 6.49.
network
low complexity
itechscripts CWE-89
7.5
7.5
2017-10-29 CVE-2017-15963 SQL Injection vulnerability in Itechscripts Gigs Script 1.21
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5
2015-01-13 CVE-2014-100020 SQL Injection vulnerability in Itechscripts Itechclassifieds 3.03.057
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5
2012-08-13 CVE-2012-4281 SQL Injection vulnerability in Itechscripts Travelon Express 6.2.2
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid parameter to admin/customer-edit.php.
network
low complexity
itechscripts CWE-89
7.5
7.5
2012-08-13 CVE-2012-4265 SQL Injection vulnerability in Itechscripts Proman Xpress 5.0.1
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5
2009-11-18 CVE-2009-3968 SQL Injection vulnerability in Itechscripts Itechbids 8.0
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php.
network
low complexity
itechscripts CWE-89
7.5
7.5
2008-07-21 CVE-2008-3238 SQL Injection vulnerability in Itechscripts Itechbids 7.0
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php.
network
low complexity
itechscripts CWE-89
7.5
7.5
2008-02-14 CVE-2008-0776 SQL Injection vulnerability in Itechscripts Itechbids 6.0
SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5
2008-02-12 CVE-2008-0692 SQL Injection vulnerability in Itechscripts Itechbids 3Gold/5.0
SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5
2008-02-12 CVE-2008-0685 SQL Injection vulnerability in Itechscripts Itechclassifieds 3.0
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
network
low complexity
itechscripts CWE-89
7.5
7.5