Filtered by vendor Widget Press Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4020 1 Widget Press 1 Widget Imprint 2024-11-21 N/A
SQL injection vulnerability in create.php in Widget Imprint 1.0.26 and earlier allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
CVE-2005-4017 1 Widget Press 1 Widget Property 2024-11-21 N/A
property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.
CVE-2005-4016 1 Widget Press 1 Widget Property 2024-11-21 N/A
SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php.