digiappz 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk sql injection and vendor risk cross-site scripting があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact data exposure and vendor impact session compromise などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2008-6487 | Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields. | [email protected] | 7.5 | 0.41% | 2009-03-18 | 2026-04-23 |
| CVE-2008-3309 | SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | [email protected] | 7.5 | 0.37% | 2008-07-25 | 2026-04-23 |
| CVE-2008-1560 | Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) domain parameter to lookup_result.asp, and the (2) word1 and (3) word2 parameters to suggest_result.asp. | [email protected] | 4.3 | 0.84% | 2008-03-31 | 2026-04-23 |
| CVE-2007-2880 | Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Room_name parameter to room/info_book.asp or the (2) curYear parameter to room/week.asp. | [email protected] | 4.3 | 0.47% | 2007-05-29 | 2026-04-23 |
| CVE-2007-0306 | SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.14% | 2007-01-18 | 2026-04-23 |
| CVE-2007-0128 | SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | [email protected] | 7.5 | 1.31% | 2007-01-09 | 2026-04-23 |
| CVE-2006-4524 | Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information. | [email protected] | 7.5 | 2.84% | 2006-09-01 | 2026-04-16 |