Vulnerabilities > Myiosoft > Easybookmarker > 4.0

DATE CVE VULNERABILITY TITLE RISK
2008-12-17 CVE-2008-5655 SQL Injection vulnerability in Myiosoft Easybookmarker 4.0
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654.
network
low complexity
myiosoft CWE-89
7.5
7.5
2008-12-17 CVE-2008-5652 SQL Injection vulnerability in Myiosoft Easybookmarker 4.0
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter.
network
low complexity
myiosoft CWE-89
7.5
7.5
2008-12-17 CVE-2008-5651 SQL Injection vulnerability in Myiosoft Easybookmarker 4.0
SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter.
network
low complexity
myiosoft CWE-89
7.5
7.5
2008-07-30 CVE-2008-3380 Cross-Site Scripting vulnerability in Myiosoft Easybookmarker 4.0
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter.
network
myiosoft CWE-79
4.3
4.3