Vulnerabilities > Softbiz > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-17 | CVE-2009-2790 | SQL Injection vulnerability in Softbiz Dating Script SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
| 2008-02-27 | CVE-2008-1050 | SQL Injection vulnerability in Softbiz Jokes and Funny Pictures Script SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | 7.5 |
| 2007-11-26 | CVE-2007-6125 | SQL Injection vulnerability in Softbiz Freelancers Script 1.0 SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | 7.5 |
| 2007-10-14 | CVE-2007-5449 | SQL Injection vulnerability in Softbiz Recipes Portal Script SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | 7.5 |
| 2006-06-28 | CVE-2006-3271 | SQL Injection vulnerability in Softbiz Dating Script 1.0 Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) index.php, and (e) news_desc.php. | 7.5 |
| 2005-12-01 | CVE-2005-3938 | SQL Injection vulnerability in Softbiz FAQ SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | 7.5 |
| 2005-12-01 | CVE-2005-3937 | SQL Injection vulnerability in Softbiz B2B Trading Marketplace SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php. | 7.5 |
| 2005-11-29 | CVE-2005-3879 | SQL Injection vulnerability in Softbiz Resource Repository Script 1.1 Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res.php, (b) refer_friend.php, and (c) report_link.php, and (2) the sbcat_id parameter in (d) showcats.php. | 7.5 |
| 2005-11-26 | CVE-2005-3817 | SQL Injection vulnerability in Softbiz web Hosting Directory Script Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module. | 7.5 |