VYPR
Vendor

Softbizscripts

Products
26
CVEs
39
Across products
46
Status
Private

Products

26

Recent CVEs

39
View all 39 CVEs →
  • CVE-2017-15960CriOct 29, 2017
    risk 0.67cvss 9.8epss 0.02

    Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.

  • CVE-2018-25182HigMar 6, 2026
    risk 0.53cvss 8.2epss 0.00

    Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ID parameter. Attackers can send GET requests to wcategory.php with crafted SQL payloads in the…

  • CVE-2010-4905Oct 8, 2011
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter.

  • CVE-2009-5003Sep 22, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter.

  • CVE-2010-0758Feb 27, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2009-2790Aug 17, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.

  • CVE-2009-2236Jun 27, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2009-2235Jun 27, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-6325Feb 27, 2009
    risk 0.03cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter to gallery.php,…

  • CVE-2008-6306Feb 26, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…

  • CVE-2008-5838Jan 5, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.

  • CVE-2008-4458Oct 7, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.

  • CVE-2008-3511Aug 7, 2008
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.php, (b) images.php, (c) suggest_image.php, and (d) image_desc.php; and the (2)…

  • CVE-2008-2874Jun 26, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.

  • CVE-2008-2087May 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.

  • CVE-2008-1050Feb 27, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter.

  • CVE-2007-6125Nov 26, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter.

  • CVE-2007-6124Nov 26, 2007
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter.

  • CVE-2007-5998Nov 15, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.

  • CVE-2007-5999Nov 15, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.