Vulnerabilities > Zeeways
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-03 | CVE-2010-2144 | Cross-Site Scripting vulnerability in Zeeways Ebay Clone Auction Script Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2010-01-12 | CVE-2009-4601 | Cross-Site Scripting vulnerability in Zeeways Zeejobsite 3.0 Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter. | 4.3 |
2009-12-14 | CVE-2009-4316 | Cross-Site Scripting vulnerability in Zeeways Zeelyrics 3X Cross-site scripting (XSS) vulnerability in searchresults_main.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | 4.3 |
2009-08-07 | CVE-2008-6915 | Cross-Site Scripting vulnerability in Zeeways Zeeproperty 1.0 Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows remote attackers to inject arbitrary web script or HTML via the propid parameter. | 4.3 |
2009-08-07 | CVE-2008-6914 | Permissions, Privileges, and Access Controls vulnerability in Zeeways Zeeproperty 1.0 Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile modification, then accessing a related file via a direct request to the file in companylogo/. | 6.5 |
2009-08-07 | CVE-2008-6913 | Improper Input Validation vulnerability in Zeeways Zeejobsite 2.0 Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/. | 6.5 |
2009-08-07 | CVE-2008-6912 | Improper Authentication vulnerability in Zeeways Shaadiclone 2.0 Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php. | 7.5 |
2008-12-31 | CVE-2008-5782 | SQL Injection vulnerability in Zeeways Zeematri 3.0 SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | 7.5 |
2008-11-12 | CVE-2008-5042 | Improper Authentication vulnerability in Zeeways Photovideotube Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform administrative tasks via a direct request to admin/home.php. | 7.5 |
2008-10-23 | CVE-2008-4717 | SQL Injection vulnerability in Zeeways Zeelyrics 2.0 SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | 7.5 |