Tr-Shark

#6503of 53,630
41.8Total CVSS
Vulnerabilities · 6
Medium
1
High
5
PT-2009-1823
7.5
2009-03-02
Turnkeyforms · Turnkeyforms Local Classifieds · CVE-2008-6350
Name of the Vulnerable Software and Affected Versions: TurnkeyForms Local Classifieds (affected versions not specified) Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `r` parameter in the listtest.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-1824
4.3
2009-03-02
Turnkeyforms · Turnkeyforms Local Classifieds · CVE-2008-6351
Name of the Vulnerable Software and Affected Versions: TurnkeyForms Local Classifieds (affected versions not specified) Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the `r` parameter in the listtest.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-1783
7.5
2009-02-27
W3Matter · W3Matter Askpert · CVE-2008-6309
Name of the Vulnerable Software and Affected Versions: W3matter AskPert (affected versions not specified) Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved via the `f[password]` parameter in the "index.php" file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-1717
7.5
2009-02-23
Scripts For Sites · Scripts For Sites (Sfs) Hotscripts-Like Site · CVE-2008-6243
Name of the Vulnerable Software and Affected Versions: Scripts For Sites (SFS) Hotscripts-like Site (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the "showcategory.php" file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2008-6838
7.5
2008-12-31
Domain Seller Pro · Domain Seller Pro · CVE-2008-5788
**Name of the Vulnerable Software and Affected Versions** Domain Seller Pro version 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "index.php" file. **Recommendations** For Domain Seller Pro version 1.5, avoid using the `id` parameter in the index.php file until the issue is resolved. As a temporary workaround, consider restricting access to the index.php file to minimize the risk of exploitation.
PT-2008-6068
7.5
2008-11-03
1St News · 1St News 4 Professional · CVE-2008-4890
**Name of the Vulnerable Software and Affected Versions** 1st News 4 Professional (PR 1) **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the products.php file. **Recommendations** For 1st News 4 Professional (PR 1), consider restricting access to the `id` parameter in the products.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.