Vulnerabilities > Mginternet

DATE CVE VULNERABILITY TITLE RISK
2006-12-23 CVE-2006-6709 Input Validation vulnerability in MGInternet Property Site Manager
Multiple SQL injection vulnerabilities in MGinternet Property Site Manager allow remote attackers to execute arbitrary SQL commands via the (1) p parameter to (a) detail.asp; the (2) l, (3) typ, or (4) loc parameter to (b) listings.asp; or the (5) Password or (6) Username parameter to (c) admin_login.asp.
network
low complexity
mginternet
7.5
2006-12-23 CVE-2006-6708 Input Validation vulnerability in MGInternet Property Site Manager
Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet Property Site Manager allows remote attackers to inject arbitrary web script or HTML via the s parameter.
network
mginternet
6.8
2006-11-21 CVE-2006-6012 Cross-Site Scripting vulnerability in Car Site Manager
Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote attackers to inject arbitrary web script or HTML via the p parameter.
network
mginternet
4.3