Orbitscripts: >> Smartppc Pro Security Vulnerabilities
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2008-07-11
Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php.
CVSS Score
4.3
EPSS Score
0.009
Published
2005-11-26