86 matches found
CVE-2009-3754
creationtimestamp| type| source ---|---|--- 2009-07-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9101...
CVE-2008-3754
In CVE-2008-3754, the YourFreeWorld Stylish Text Ads Script is affected via an SQL injection in the file trl.php, where the id parameter is used unsafely. The underlying issue is improper input handling that allows remote attackers to execute arbitrary SQL commands. The available connected docume...
CVE-2008-3754
creationtimestamp| type| source ---|---|--- 2008-06-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32281...
CVE-2006-3754
CVE-2006-3754 is a PHP remote file inclusion vulnerability in FlushCMS 1.0.0-pre2 and earlier. The flaw resides in Include/editor/rich_files/class.rich.php, where an attacker can cause remote PHP code execution by supplying a URL in the class_path parameter. The connected documents confirm the af...
CVE-2005-3754
CVE-2005-3754 describes a cross-site scripting (XSS) vulnerability in the Google Mini Search Appliance, and possibly Google Search Appliance, caused by insufficient sanitization of the proxystylesheet parameter. The flaw allows remote attackers to inject arbitrary Javascript (and potentially othe...
CVE-2005-3754
Cross-site scripting XSS vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message...