Vendor

Vcd Db

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2005-4240	0.03	—	0.00	Dec 14, 2005	SQL injection vulnerability in search.php in VCD-db 0.98 and earlier allows remote attackers to execute arbitrary SQL commands via the by parameter.
CVE-2005-4241	0.03	—	0.01	Dec 14, 2005	Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter.
CVE-2006-4628	0.00	—	0.00	Sep 8, 2006	Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments.

CVE-2005-4240Dec 14, 2005
risk 0.03cvss —epss 0.00
SQL injection vulnerability in search.php in VCD-db 0.98 and earlier allows remote attackers to execute arbitrary SQL commands via the by parameter.
CVE-2005-4241Dec 14, 2005
risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter.
CVE-2006-4628Sep 8, 2006
risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments.