Filtered by vendor 2daybiz
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1651 | 1 2daybiz | 1 Business Community Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2009-1652 | 1 2daybiz | 1 Business Community Script | 2017-09-28 | 7.5 HIGH | N/A |
| admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request. | |||||
| CVE-2009-1767 | 1 2daybiz | 1 Template Monster Clone | 2017-09-28 | 5.0 MEDIUM | N/A |
| admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter. | |||||
| CVE-2009-1819 | 1 2daybiz | 1 Custom T-shirt Design Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-1820 | 1 2daybiz | 1 Custom T-shirt Design Script | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2011-5215 | 1 2daybiz | 1 Video Community Portal Script | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5015 | 1 2daybiz | 1 Network Community Script | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | |||||
| CVE-2010-1706 | 1 2daybiz | 1 Auction Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2458 | 1 2daybiz | 1 Video Community Portal Script | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter. | |||||
| CVE-2010-2459 | 1 2daybiz | 1 Video Community Portal Script | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter. | |||||
| CVE-2010-1703 | 1 2daybiz | 1 Polls Script | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index_search.php in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to inject arbitrary web script or HTML via the (1) category parameter or (2) search field. | |||||
| CVE-2010-2609 | 1 2daybiz | 1 Job Search Engine Script | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2010-2610 | 1 2daybiz | 1 Job Site Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php. | |||||
| CVE-2010-2691 | 1 2daybiz | 1 Custom T-shirt Design Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Design Script allow remote attackers to execute arbitrary SQL commands via the (1) sbid parameter to products_details.php, (2) pid parameter to products/products.php, and (3) designid parameter to designview.php. | |||||
| CVE-2010-2692 | 1 2daybiz | 1 Custom T-shirt Design Script | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt Design Script allows remote attackers to inject arbitrary web script or HTML via a review comment. | |||||
| CVE-2010-1704 | 1 2daybiz | 1 Polls Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5019 | 1 2daybiz | 1 Online Classified Script | 2011-11-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | |||||
| CVE-2010-5004 | 1 2daybiz | 1 Polls Script | 2011-11-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2010-5018 | 1 2daybiz | 1 Online Classified Script | 2011-11-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | |||||
| CVE-2010-2516 | 1 2daybiz | 1 Multi Level Marketing Software | 2010-06-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||