Vastal : Security Vulnerabilities, CVEs, Published In 2008 CVSS score >= 4
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
Max CVSS
7.5
EPSS Score
0.29%
Published
2008-09-22
Updated
2017-09-29
SQL injection vulnerability in keyword_search_action.php in Vastal I-Tech Shaadi Zone 1.0.9 allows remote attackers to execute arbitrary SQL commands via the tage parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-09-11
Updated
2017-09-29
SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the ann_id parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-09-11
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected.
Max CVSS
4.3
EPSS Score
0.48%
Published
2008-05-19
Updated
2017-09-29
4 vulnerabilities found