Softbizscripts
Products
26- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
39| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15960 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. | ||
| CVE-2018-25182 | Hig | 0.53 | 8.2 | 0.00 | Mar 6, 2026 | Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ID parameter. Attackers can send GET requests to wcategory.php with crafted SQL payloads in the… | ||
| CVE-2010-4905 | 0.03 | — | 0.01 | Oct 8, 2011 | SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter. | |||
| CVE-2009-5003 | 0.03 | — | 0.01 | Sep 22, 2010 | SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter. | |||
| CVE-2010-0758 | 0.03 | — | 0.01 | Feb 27, 2010 | SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2009-2790 | 0.03 | — | 0.01 | Aug 17, 2009 | SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4. | |||
| CVE-2009-2236 | 0.03 | — | 0.01 | Jun 27, 2009 | SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-2235 | 0.03 | — | 0.01 | Jun 27, 2009 | SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2008-6325 | 0.03 | — | 0.01 | Feb 27, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter to gallery.php,… | |||
| CVE-2008-6306 | 0.03 | — | 0.01 | Feb 26, 2009 | Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party… | |||
| CVE-2008-5838 | 0.03 | — | 0.01 | Jan 5, 2009 | SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||
| CVE-2008-4458 | 0.03 | — | 0.01 | Oct 7, 2008 | SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action. | |||
| CVE-2008-3511 | 0.03 | — | 0.02 | Aug 7, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.php, (b) images.php, (c) suggest_image.php, and (d) image_desc.php; and the (2)… | |||
| CVE-2008-2874 | 0.03 | — | 0.01 | Jun 26, 2008 | SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050. | |||
| CVE-2008-2087 | 0.03 | — | 0.01 | May 6, 2008 | SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817. | |||
| CVE-2008-1050 | 0.03 | — | 0.01 | Feb 27, 2008 | SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | |||
| CVE-2007-6125 | 0.03 | — | 0.01 | Nov 26, 2007 | SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | |||
| CVE-2007-6124 | 0.03 | — | 0.02 | Nov 26, 2007 | Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter. | |||
| CVE-2007-5998 | 0.03 | — | 0.01 | Nov 15, 2007 | SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter. | |||
| CVE-2007-5999 | 0.03 | — | 0.01 | Nov 15, 2007 | SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. |
- risk 0.67cvss 9.8epss 0.02
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.
- risk 0.53cvss 8.2epss 0.00
Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ID parameter. Attackers can send GET requests to wcategory.php with crafted SQL payloads in the…
- CVE-2010-4905Oct 8, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter.
- CVE-2009-5003Sep 22, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter.
- CVE-2010-0758Feb 27, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2009-2790Aug 17, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.
- CVE-2009-2236Jun 27, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information.
- CVE-2009-2235Jun 27, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2008-6325Feb 27, 2009risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter to gallery.php,…
- CVE-2008-6306Feb 26, 2009risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…
- CVE-2008-5838Jan 5, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
- CVE-2008-4458Oct 7, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.
- CVE-2008-3511Aug 7, 2008risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.php, (b) images.php, (c) suggest_image.php, and (d) image_desc.php; and the (2)…
- CVE-2008-2874Jun 26, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.
- CVE-2008-2087May 6, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.
- CVE-2008-1050Feb 27, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter.
- CVE-2007-6125Nov 26, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter.
- CVE-2007-6124Nov 26, 2007risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter.
- CVE-2007-5998Nov 15, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.
- CVE-2007-5999Nov 15, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.