Sql injection

Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 v2 parameter in a member view action, 2 v1 parameter in a news action, 3 v1 parameter in an information action, 4 v2 parameter...

CVE-2010-1109

Multiple SQL injection vulnerabilities in index.php of phpMySport 1.4 allow remote attackers to execute arbitrary SQL commands when magic_quotes_gpc is disabled. Exploitable via several parameters across different actions: v2 in member view, v1 in news, v1 in information, and v2 in team, club, or...

CVE-2010-1113

Cross-site scripting XSS vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php...

justVisual 2.0 - index.php Local File Inclusion

justVisual 2.0 - index.php Local File Inclusion justVisual 2.0 index.php = LFI Vulnerability +Title: justVisual 2.0 index.php Local File Vulnerability +Version: 2.0 +License: http://www.gnu.org/copyleft/gpl.html +Download: http://fh54.de/justVisual/packages/justVisual2.zip +Risk: Medium +Local: Y...

CVE-2010-1090

CVE-2010-1090 describes a SQL injection in the PHP app phpMySite via the parameter action to index.php . The root cause is improper input handling allowing remote attackers to craft SQL commands; impact per sources is arbitrary SQL execution with partial confidentiality, integrity, and availabili...

CVE-2010-1090

SQL injection vulnerability in index.php in phpMySite allows remote attackers to execute arbitrary SQL commands via the action parameter...

CVE-2010-1076

Cross-site scripting XSS vulnerability in index.php in Entry Level CMS EL CMS allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Entry Level CMS EL CMS allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are...

CVE-2010-1075

CVE-2010-1075 is an SQL injection vulnerability in the EL CMS (Entry Level CMS) where the vulnerable component is index.php . The issue allows remote attackers to execute arbitrary SQL commands through the subj parameter. The available documents do not specify the exact root cause in code, affect...

Directory traversal

Directory traversal vulnerability in the RokDownloads comrokdownloads component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php...

CVE-2010-1052

Multiple cross-site scripting XSS vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 year and 2 mday parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-1043

Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter...

CVE-2010-1050

SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter...

Sql injection

Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Sql injection

SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter...

Discloser 'more' Parameter SQL Injection Vulnerability

The host is running Discloser and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: secpoddisclosersqlinjvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Discloser 'more' Parameter SQL Injection Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...

Zephyrus CMS SQL Injection

==================================================== Zephyrus CMS index.php SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //...

Zephyrus CMS (index.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================== Zephyrus CMS index.php SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' ...

Uiga Business Portal - index.php SQL Injection

Uiga Business Portal - index.php SQL Injection ----------------------------Information------------------------------------------------ +Name : Uiga Business Portal = index.php SQL Injection Vulnerability +Autor : Easy Laster +Date : 23.03.2010 +Script : Uiga Business Portal +Download :...

Uiga Business Portal - 'index.php' SQL Injection

----------------------------Information------------------------------------------------ +Name : Uiga Business Portal = index.php SQL Injection Vulnerability +Autor : Easy Laster +Date : 23.03.2010 +Script : Uiga Business Portal +Download :...