Vulnerabilities > Zeeways > Zeejobsite

DATE CVE VULNERABILITY TITLE RISK
2010-01-12 CVE-2009-4601 Cross-Site Scripting vulnerability in Zeeways Zeejobsite 3.0
Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.
network
zeeways CWE-79
4.3
4.3
2009-08-07 CVE-2008-6913 Improper Input Validation vulnerability in Zeeways Zeejobsite 2.0
Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/.
network
low complexity
zeeways CWE-20
6.5
6.5
2008-08-19 CVE-2008-3706 SQL Injection vulnerability in Zeeways Zeejobsite 2.0
SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
network
low complexity
zeeways CWE-89
7.5
7.5