Vulnerabilities > Netbizcity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-01-04 | CVE-2007-6635 | Cryptographic Issues vulnerability in Netbizcity Faqmasterflexplus FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access. | 6.4 |
| 2008-01-04 | CVE-2007-6634 | SQL Injection vulnerability in Netbizcity Faqmasterflexplus Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts. | 6.8 |
| 2008-01-04 | CVE-2007-6633 | Cross-Site Scripting vulnerability in Netbizcity Faqmasterflexplus Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts. | 4.3 |