Vulnerabilities > W2B
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-11 | CVE-2007-3175 | SQL-Injection vulnerability in Online Banking Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b. | 7.5 |
2007-06-11 | CVE-2007-3174 | Cross-Site Scripting vulnerability in Online Banking Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980. network w2b | 4.3 |
2006-04-21 | CVE-2006-1980 | Cross-Site Scripting vulnerability in W2B Online Banking SID Parameter Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter. | 2.6 |
2005-12-08 | CVE-2005-4088 | SQL Injection vulnerability in PHPForumPro SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | 7.5 |