VYPR

Web Hosting Directory Script

by Softbizscripts

CVEs (2)

  • CVE-2008-2087May 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.

  • CVE-2005-3817Nov 26, 2005
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4)…