Vulnerabilities > Myiosoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-30 | CVE-2009-2262 | Code Injection vulnerability in Myiosoft Ajaxportal 3.0 PHP remote file inclusion vulnerability in install/di.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the pathtoserverdata parameter. | 7.5 |
| 2009-05-01 | CVE-2009-1509 | SQL Injection vulnerability in Myiosoft Ajaxportal 3.0 SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
| 2008-12-17 | CVE-2008-5655 | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654. | 7.5 |
| 2008-12-17 | CVE-2008-5654 | SQL Injection vulnerability in Myiosoft Easycalendar 4.0 SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. | 7.5 |
| 2008-12-17 | CVE-2008-5652 | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. | 7.5 |
| 2008-12-17 | CVE-2008-5651 | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter. | 7.5 |
| 2008-07-28 | CVE-2008-3347 | SQL Injection vulnerability in Myiosoft Easydynamicpages 3.0 SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter. | 7.5 |
| 2008-07-28 | CVE-2008-3343 | SQL Injection vulnerability in Myiosoft Easypublish 3.0 SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action. | 7.5 |
| 2008-04-02 | CVE-2008-1651 | Path Traversal vulnerability in Myiosoft Easynews 4.0Tr Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2008-04-02 | CVE-2008-1650 | SQL Injection vulnerability in Myiosoft Easynews 4.0Tr SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | 7.5 |