Vulnerabilities > Phpscripte24
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-12 | CVE-2010-1924 | SQL Injection vulnerability in PHPscripte24 Live Shopping Multi Portal System SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter. | 7.5 |
| 2010-05-12 | CVE-2010-1923 | SQL Injection vulnerability in PHPscripte24 web Social Network Freunde Community 2.0 SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action. | 7.5 |
| 2010-05-07 | CVE-2010-1855 | SQL Injection vulnerability in PHPscripte24 PAY PER Watch & BID Auktions System SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | 7.5 |
| 2010-05-07 | CVE-2010-1854 | Cross-Site Scripting vulnerability in PHPscripte24 PAY PER Watch & BID Auktions System Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. | 4.3 |
| 2010-04-06 | CVE-2010-1270 | SQL Injection vulnerability in PHPscripte24 Multi Suktions Komplett System 2 SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | 7.5 |
| 2010-04-06 | CVE-2010-1269 | SQL Injection vulnerability in PHPscripte24 Niedrig Gebote PRO Auktions System II SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | 7.5 |