Vulnerabilities > Locazo

DATE CVE VULNERABILITY TITLE RISK
2007-01-09 CVE-2007-0129 SQL-Injection vulnerability in Locazolist Classifieds
SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatID parameter.
network
low complexity
locazo
7.5
2006-06-06 CVE-2006-2858 SQL Injection vulnerability in Locazo Locazolist Classifieds 1.03C/1.04D/1.05E
SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
network
low complexity
locazo
7.5
2005-12-13 CVE-2005-4205 Unspecified vulnerability in Locazo Locazolist Classifieds
Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter.
network
locazo
4.3
2005-12-07 CVE-2005-4059 Unspecified vulnerability in Locazo Locazolist
SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter.
network
low complexity
locazo
7.5