Vendor

Creascripts

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2007-2342	Creascripts Creadirectory	0.03	—	0.01	Apr 27, 2007	SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083.
CVE-2006-6082	Creascripts Creadirectory	0.03	—	0.02	Nov 24, 2006	Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp.
CVE-2006-6083	Creascripts Creadirectory	0.03	—	0.01	Nov 24, 2006	SQL injection vulnerability in search.asp in CreaScripts Creadirectory allows remote attackers to execute arbitrary SQL commands via the category parameter.

CVE-2007-2342Apr 27, 2007
Creascripts
Creadirectory
risk 0.03cvss —epss 0.01
SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083.
CVE-2006-6082Nov 24, 2006
Creascripts
Creadirectory
risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp.
CVE-2006-6083Nov 24, 2006
Creascripts
Creadirectory
risk 0.03cvss —epss 0.01
SQL injection vulnerability in search.asp in CreaScripts Creadirectory allows remote attackers to execute arbitrary SQL commands via the category parameter.