ajsquare

Top products

The 15 most recently published vulnerabilities affecting ajsquare.

• CVE-2015-2182Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand paramete...4.3Mar 11, 2015
• CVE-2010-5322Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.4.3Mar 11, 2015
• CVE-2015-2184ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.5.0Mar 10, 2015
• CVE-2009-4989Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action.4.3Aug 25, 2010
• CVE-2010-2917Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) emailid, (2) fname, (3) lname,...4.3Jul 30, 2010
• CVE-2010-2916SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter.7.5Jul 30, 2010
• CVE-2010-2915SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter.7.5Jul 30, 2010
• CVE-2010-1876SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.7.5May 11, 2010
• CVE-2009-3203SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.7.5Sep 16, 2009
• CVE-2008-7051AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site...7.5Aug 24, 2009
• CVE-2008-7046AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045...6.4Aug 24, 2009
• CVE-2008-7045AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.6.4Aug 24, 2009
• CVE-2008-7044SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.7.5Aug 24, 2009
• CVE-2008-7041AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php.7.5Aug 24, 2009
• CVE-2009-2779SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action.7.5Aug 17, 2009