Vulnerabilities > Myiosoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2008-09-15 CVE-2008-4084 SQL Injection vulnerability in Myiosoft Easyclassifields 3.0
SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action.
network
myiosoft CWE-89
6.8
6.8
2008-07-30 CVE-2008-3380 Cross-Site Scripting vulnerability in Myiosoft Easybookmarker 4.0
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter.
network
myiosoft CWE-79
4.3
4.3
2008-07-28 CVE-2008-3348 Cross-Site Scripting vulnerability in Myiosoft Easydynamicpages 3.0
Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter.
network
myiosoft CWE-79
4.3
4.3
2008-07-28 CVE-2008-3345 SQL Injection vulnerability in Myiosoft Easye-Cards 3.10/3.5
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.
network
myiosoft CWE-89
6.8
6.8
2008-07-28 CVE-2008-3344 Cross-Site Scripting vulnerability in Myiosoft Easye-Cards 3.10/3.5
Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5) SenderMail, and (6) RecipientMail parameters.
network
myiosoft CWE-79
4.3
4.3
2008-07-28 CVE-2008-3342 Cross-Site Scripting vulnerability in Myiosoft Easypublish 3.0
Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_News action.
network
myiosoft CWE-79
4.3
4.3
2008-04-02 CVE-2008-1649 Cross-Site Scripting vulnerability in Myiosoft Easynews 4.0Tr
Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_pupublish action.
network
myiosoft CWE-79
4.3
4.3
2008-03-17 CVE-2008-1347 Cross-Site Scripting vulnerability in Myiosoft Easycalendar 4.0Tr
Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the q parameter in an about action to the help system.
network
myiosoft CWE-79
4.3
4.3
2008-03-17 CVE-2008-1345 Cross-Site Scripting vulnerability in Myiosoft Easycalendar 4.0Tr
Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and earlier allows remote attackers to inject arbitrary web script or HTML via the day parameter in a dayview action.
network
myiosoft CWE-79
4.3
4.3