Filtered by vendor Itechscripts
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0684 | 1 Itechscripts | 1 Itechclassifieds | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter. | ||||
CVE-2012-4265 | 1 Itechscripts | 1 Proman Xpress | 2024-09-17 | N/A |
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
CVE-2012-4266 | 1 Itechscripts | 1 Proman Xpress | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information. | ||||
CVE-2008-0685 | 1 Itechscripts | 1 Itechclassifieds | 2024-09-17 | N/A |
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | ||||
CVE-2008-4872 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2008-3237 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter. | ||||
CVE-2008-3238 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php. | ||||
CVE-2008-0776 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
CVE-2009-3968 | 1 Itechscripts | 1 Itechbids | 2024-08-07 | N/A |
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238. | ||||
CVE-2012-4281 | 1 Itechscripts | 1 Travelon Express | 2024-08-06 | N/A |
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid parameter to admin/customer-edit.php. | ||||
CVE-2012-2939 | 1 Itechscripts | 1 Travelon Express | 2024-08-06 | N/A |
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. | ||||
CVE-2012-2938 | 1 Itechscripts | 1 Travelon Express | 2024-08-06 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php. | ||||
CVE-2014-100020 | 1 Itechscripts | 1 Itechclassifieds | 2024-08-06 | N/A |
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685. | ||||
CVE-2017-20130 | 1 Itechscripts | 1 Real Estate Script | 2024-08-05 | 6.3 Medium |
A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2017-20136 | 1 Itechscripts | 1 Classifieds Script | 2024-08-05 | 6.3 Medium |
A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51' AND 4941=4941 AND 'hoCP'='hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2017-20132 | 1 Itechscripts | 1 Multi Vendor Script | 2024-08-05 | 6.3 Medium |
A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2017-20135 | 1 Itechscripts | 1 Dating Script | 2024-08-05 | 6.3 Medium |
A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2017-20138 | 1 Itechscripts | 1 Auction Script | 2024-08-05 | 6.3 Medium |
A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4' AND 1734=1734 AND 'Ggks'='Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely. | ||||
CVE-2017-20137 | 1 Itechscripts | 1 B2b Script | 2024-08-05 | 6.3 Medium |
A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |