6638 matches found
Sql injection
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter...
Sql injection
SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-0789
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter...
Sql injection
SQL injection vulnerability in newsdetail.asp in ASP NEWS 3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-0374
SQL injection vulnerability in 1 Joomla! 1.0.11 and 1.5 Beta, and 2 Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing...
Sql injection
SQL injection vulnerability in email.php in MGB OpenSource Guestbook 0.5.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
PT-2007-1825 · Mgb · Mgb Opensource Guestbook
Name of the Vulnerable Software and Affected Versions: MGB OpenSource Guestbook versions 0.5.4.5 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the id parameter in the email.php file. Recommendations: For MGB OpenSource Guestbook...
Sql injection
SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon Sistemi 4.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in visuuser.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-6930
SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-6927
Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via 1 the uname username and 2 pword passwd fields in a admin/default.asp; the 3 ID parameter to b listfull.asp or c printmain.asp; the 4 cat parameter to d listmain.asp, e...
PT-2007-1209 · Rapid · Rapid Classified
Name of the Vulnerable Software and Affected Versions: Rapid Classified version 3.1 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting XSS attacks. This can be achieved through various parameters in different scripts,...
Sql injection
SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in page.php in Simple Web Content Management System allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-6806
SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2006-6805
SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2006-6804
CVE-2006-6804 affects Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) and is due to an SQL injection in bus_details.asp. The vulnerability is exploitable via the ID parameter in versions 3.01.12 and earlier. Impacted data can be partially disclosed or corrupt...
CVE-2006-6671
SQL injection vulnerability in down.asp in Burak Yylmaz Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter...