7210 matches found
CVE-2009-3529
The CVE-2009-3529 entry concerns RadScripts RadBids Gold 4. Vulnerability : SQL injection in index.php triggered by the fid parameter in a view_forum action, enabling remote attackers to execute arbitrary SQL commands. This is a different vector than CVE-2005-1074. Impact : Partial confidentialit...
CVE-2009-3514
Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via 1 the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the 2 editid and 3 p parameter in a news action to...
CVE-2009-3506
Multiple cross-site scripting XSS vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the 1 cookuser parameter to index.php and the 2 name parameter to modules.php...
Sql injection
Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via 1 the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the 2 editid and 3 p parameter in a news action to...
CVE-2009-3494
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in a deletecategory action, 2 the name parameter in an updatecategory action, and other vectors...
CVE-2009-3493
Multiple cross-site scripting XSS vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 scrivi.php and 2 index.php...
CVE-2009-3494
The CVE describes SQL injection vulnerabilities in the web application component index.php of T-HTB Manager 0.5. The root cause is improper handling of inputs when magic_quotes_gpc is disabled, enabling remote attackers to inject arbitrary SQL commands through parameters such as id (in delete_cat...
CVE-2009-3494
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in a deletecategory action, 2 the name parameter in an updatecategory action, and other vectors...
Sql injection
SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...
CVE-2009-3356
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
CVE-2009-3361
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincatid parameter...
Sql injection
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincatid parameter...
Sql injection
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
CVE-2009-3361
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincatid parameter...
CVE-2009-3361
The CVE-2009-3361 entry covers a SQL injection in index.php of PHP-IPNMonitor, caused by unsafely using the maincat_id parameter. This allows remote attackers to execute arbitrary SQL commands. The affected software is PHP-IPNMonitor (index.php), but the connected documents do not specify exact v...
Regental Medien - Blind SQL Injection
Regental Medien - Blind SQL Injection o Regental Medien Blind SQL Injection Vulnerability Software : Regental Medien Vendor : http://www.regental-medien.de/ Author : NoGe Home : http://antisecurity.org o Vulnerable file index.php o Exploit http://localhost/path/index.php?mainid=SQL o Proof of...
Regental Medien Blind SQL Injection
o Regental Medien Blind SQL Injection Vulnerability Software : Regental Medien Vendor : http://www.regental-medien.de/ Author : NoGe Home : http://antisecurity.org o Vulnerable file index.php o Exploit http://localhost/path/index.php?mainid=SQL o Proof of Concept...
CVE-2009-3313
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...
CVE-2009-3311
Cross-site scripting XSS vulnerability in index.php in RSSMediaScript allows remote attackers to inject arbitrary web script or HTML via the page parameter...
Sql injection
SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the idmenu parameter...