Vulnerabilities > Ocean12Tech > Contact Manager PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-03-02 | CVE-2008-6370 | Cross-Site Scripting vulnerability in Ocean12Tech Contact Manager PRO 1.02 Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter. | 4.3 |
| 2009-03-02 | CVE-2008-6369 | SQL Injection vulnerability in Ocean12Tech Contact Manager PRO 1.02 SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. | 7.5 |