VYPR
Vendor

Qsoft Inc

Products
4
CVEs
7
Across products
10
Status
Private

Products

4

Recent CVEs

7
  • CVE-2010-2457Jun 25, 2010
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.

  • CVE-2008-7099Aug 27, 2009
    risk 0.03cvss epss 0.02

    Unspecified vulnerability in the Manage Templates feature in Qsoft K-Rate Premium allows remote attackers to execute arbitrary PHP code via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

  • CVE-2008-7098Aug 27, 2009
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum,…

  • CVE-2008-7097Aug 27, 2009
    risk 0.03cvss epss 0.02

    Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in…

  • CVE-2008-3581Aug 10, 2008
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links allows remote attackers to inject arbitrary web script or HTML via the login_message parameter in a login action.

  • CVE-2008-3580Aug 10, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/.

  • CVE-2005-3868Nov 29, 2005
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request.