Filtered by vendor Preprojects
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2916 | 1 Preprojects | 1 Pre Ads Portal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. | ||||
| CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2025-04-09 | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-4177 | 1 Preprojects | 1 Pre Real Estate Listings | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter. | ||||
| CVE-2008-5976 | 1 Preprojects | 1 Php Jobwebsite Pro | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field. | ||||
| CVE-2008-5977 | 1 Preprojects | 1 Php Jobwebsite Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action. | ||||
| CVE-2008-6055 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | N/A |
| PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | ||||
| CVE-2008-6230 | 1 Preprojects | 1 Pre Podcast Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6231 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | N/A |
| Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin". | ||||