Digiappz: Security Vulnerabilities
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-03-18
SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-07-25
Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) domain parameter to lookup_result.asp, and the (2) word1 and (3) word2 parameters to suggest_result.asp.
CVSS Score
4.3
EPSS Score
0.004
Published
2008-03-31
Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Room_name parameter to room/info_book.asp or the (2) curYear parameter to room/week.asp.
CVSS Score
4.3
EPSS Score
0.005
Published
2007-05-29
SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2007-01-18
SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2007-01-09
Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.012
Published
2006-09-01