Active Web Softwares Activebuyandsell vulnerabilities
2 known vulnerabilities affecting active_web_softwares/activebuyandsell.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2005-2062P3HIGHCVSS 7.5PoCv6.22005-06-29
CVE-2005-2062 [HIGH] CVE-2005-2062: Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arb
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp.
nvd
CVE-2005-2063P4MEDIUMCVSS 4.3v6.22005-06-29
CVE-2005-2063 [MEDIUM] CVE-2005-2063: Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers t
Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp.
nvd