Preproject
Products
6- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
8| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-4959 | 0.03 | — | 0.01 | Oct 9, 2011 | SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||
| CVE-2008-6847 | 0.03 | — | 0.02 | Jul 2, 2009 | Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||
| CVE-2008-6329 | 0.03 | — | 0.01 | Feb 27, 2009 | SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information. | ||
| CVE-2008-6228 | 0.03 | — | 0.02 | Feb 20, 2009 | Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin". | ||
| CVE-2008-6227 | 0.03 | — | 0.00 | Feb 20, 2009 | SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters. | ||
| CVE-2008-6226 | 0.03 | — | 0.01 | Feb 20, 2009 | SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter. | ||
| CVE-2008-5058 | 0.03 | — | 0.01 | Nov 13, 2008 | SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information. | ||
| CVE-2008-3310 | 0.03 | — | 0.01 | Jul 25, 2008 | SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. |
- CVE-2010-4959Oct 9, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.
- CVE-2008-6847Jul 2, 2009risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
- CVE-2008-6329Feb 27, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information.
- CVE-2008-6228Feb 20, 2009risk 0.03cvss —epss 0.02
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
- CVE-2008-6227Feb 20, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
- CVE-2008-6226Feb 20, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter.
- CVE-2008-5058Nov 13, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information.
- CVE-2008-3310Jul 25, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter.