Vulnerabilities > Itechscripts > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-16 | CVE-2017-20136 | SQL Injection vulnerability in Itechscripts Classifieds Script 7.27 A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. | 5.0 |
| 2022-07-16 | CVE-2017-20137 | SQL Injection vulnerability in Itechscripts B2B Script 4.28 A vulnerability was found in Itech B2B Script 4.28. | 5.0 |
| 2012-08-13 | CVE-2012-4266 | Cross-Site Scripting vulnerability in Itechscripts Proman Xpress 5.0.1 Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. | 4.3 |
| 2012-05-27 | CVE-2012-2939 | Remote vulnerability in Itechscripts Travelon Express 6.2.2 Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. | 6.5 |
| 2012-05-27 | CVE-2012-2938 | Cross-Site Scripting vulnerability in Itechscripts Travelon Express 6.2.2 Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php. | 4.3 |
| 2008-11-01 | CVE-2008-4872 | Cross-Site Scripting vulnerability in Itechscripts Itechbids 5.0 Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. | 4.3 |
| 2008-07-21 | CVE-2008-3237 | Cross-Site Scripting vulnerability in Itechscripts Itechbids 7.0 Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter. | 4.3 |
| 2008-02-12 | CVE-2008-0684 | Cross-Site Scripting vulnerability in Itechscripts Itechclassifieds 3.0 Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter. | 4.3 |