Vulnerabilities > Softbiz
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-01 | CVE-2005-3938 | SQL Injection vulnerability in Softbiz FAQ SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | 7.5 |
| 2005-12-01 | CVE-2005-3937 | SQL Injection vulnerability in Softbiz B2B Trading Marketplace SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php. | 7.5 |
| 2005-11-29 | CVE-2005-3879 | SQL Injection vulnerability in Softbiz Resource Repository Script 1.1 Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res.php, (b) refer_friend.php, and (c) report_link.php, and (2) the sbcat_id parameter in (d) showcats.php. | 7.5 |
| 2005-11-26 | CVE-2005-3817 | SQL Injection vulnerability in Softbiz web Hosting Directory Script Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module. | 7.5 |