Filtered by vendor Preprojects
Subscribe
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6888 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote attackers to inject arbitrary web script or HTML via the address parameter. | |||||
| CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-6716 | 1 Preprojects | 1 Pre Ads Portal | 2025-04-09 | 7.5 HIGH | N/A |
| homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. | |||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-7052 | 1 Preprojects | 1 Pre Real Estate Listings | 2025-04-09 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in re_images/. | |||||
| CVE-2008-6055 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | 5.0 MEDIUM | N/A |
| PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | |||||
| CVE-2008-5977 | 1 Preprojects | 1 Php Jobwebsite Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action. | |||||
| CVE-2008-6887 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | |||||
| CVE-2008-6053 | 1 Preprojects | 1 Pre Resume Submitter | 2025-04-09 | 5.0 MEDIUM | N/A |
| PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | |||||