Vulnerabilities > Videogirls > Videogirls BIZ

DATE CVE VULNERABILITY TITLE RISK
2009-09-15 CVE-2009-3186 Cross-Site Scripting vulnerability in Videogirls BIZ
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php.
network
videogirls CWE-79
4.3
4.3
2008-12-01 CVE-2008-5292 SQL Injection vulnerability in Videogirls BIZ NIL
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute arbitrary SQL commands via the type parameter.
network
low complexity
videogirls CWE-89
7.5
7.5