Vulnerabilities > Virtuenetz

DATE CVE VULNERABILITY TITLE RISK
2011-10-09 CVE-2010-4923 SQL Injection vulnerability in Virtuenetz Virtue Book Store
SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter.
network
low complexity
virtuenetz CWE-89
7.5
2011-10-08 CVE-2010-4908 SQL Injection vulnerability in Virtuenetz Virtue Shopping Mall
SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
network
low complexity
virtuenetz CWE-89
7.5
2009-07-09 CVE-2009-2393 Permissions, Privileges, and Access Controls vulnerability in Virtuenetz Virtue Online Test Generator
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
network
low complexity
virtuenetz CWE-264
6.5
2009-07-09 CVE-2009-2392 SQL Injection vulnerability in Virtuenetz Virtue Online Test Generator
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
network
low complexity
virtuenetz CWE-89
7.5
2009-07-09 CVE-2009-2391 Cross-Site Scripting vulnerability in Virtuenetz Virtue Online Test Generator
Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
network
virtuenetz CWE-79
4.3
2009-06-09 CVE-2009-2021 SQL Injection vulnerability in Virtuenetz Virtue Classifieds
SQL injection vulnerability in search.php in Virtue Classifieds allows remote attackers to execute arbitrary SQL commands via the category parameter.
network
low complexity
virtuenetz CWE-89
7.5
2009-06-09 CVE-2009-2020 Cross-Site Scripting vulnerability in Virtuenetz Virtue News Manager
Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter.
network
virtuenetz CWE-79
4.3
2009-06-09 CVE-2009-2019 SQL Injection vulnerability in Virtuenetz Virtue News Manager
SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter.
network
low complexity
virtuenetz CWE-89
7.5
2009-06-09 CVE-2009-2017 SQL Injection vulnerability in Virtuenetz Virtue Book Store
SQL injection vulnerability in products.php in Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the cid parameter.
network
low complexity
virtuenetz CWE-89
7.5
2009-06-09 CVE-2009-2016 SQL Injection vulnerability in Virtuenetz Virtue Shopping Mall
SQL injection vulnerability in products.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the cid parameter.
network
low complexity
virtuenetz CWE-89
7.5