Locazo : Security Vulnerabilities, CVEs, CVSS score >= 3
SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatID parameter.
Max CVSS
7.5
EPSS Score
0.35%
Published
2007-01-09
Updated
2017-10-19
SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
Max CVSS
7.5
EPSS Score
5.34%
Published
2006-06-06
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2005-12-13
Updated
2008-09-20
SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter.
Max CVSS
7.5
EPSS Score
0.65%
Published
2005-12-07
Updated
2011-03-08
4 vulnerabilities found