CVE-2008-7072

CVE-2008-7072 is an XSS vulnerability in Chipmunk Topsites, affecting index.php via the start parameter. The issue allows remote attackers to inject arbitrary web script or HTML. The description and connected records specify the vulnerable component as Chipmunk Topsites’ index.php and the start p...

Sql injection

SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter...

CVE-2008-7059

CVE-2008-7059 describes an SQL injection vulnerability in the index.php of One-News Beta 2, exploitable via the q parameter. This allows remote attackers to execute arbitrary SQL commands. The issue is classified with a CVSS v2 base score of 7.5 (HIGH) with network access, low complexity, and no ...

CVE-2009-2929

Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the 1 tgslanguageid, 2 tpldir, 3 referer, 4 user-agent, 5 site, 6 option, 7 dboptimization, 8 owner, 9 adminemail, 10 defaultlanguage, and 11 dbhost parameters to...

CVE-2009-2929

CVE-2009-2929 affects TGS Content Management 0.x. The vulnerability is multiple SQL injection points in cms/index.php (parameters including tgs_language_id, tpl_dir, referer, user-agent, site, option, db_optimization, owner, admin_email, default_language, db_host) and cms/frontpage_ception.php (p...

CVE-2008-7018

Cross-site scripting XSS vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote attackers to inject arbitrary web script or HTML via the Details field descr parameter in an Add New Event action in an unspecified request as generated by an add action in index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in XZero Community Classifieds 4.97.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded file. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

CVE-2009-2913

CVE-2009-2913 affects XZero Community Classifieds 4.97.8. A cross-site scripting (XSS) vulnerability exists in index.php that allows remote attackers to inject arbitrary script/HTML via the URI. According to NVD, impact is partial integrity impact with no confidentiality or availability impact; e...

CVE-2009-2889

Cross-site scripting XSS vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter...

CVE-2009-2881

Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to 1 index.php and possibly 2 allpubs.php in publications/...

Sql injection

Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to 1 index.php and possibly 2 allpubs.php in publications/...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in XZero Community Classifieds 4.97.8 allow remote attackers to inject arbitrary web script or HTML via 1 the postevent parameter in a post action or 2 the xzcaly parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1...

CVE-2008-6981

index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to obtain the full installation path via an invalid resultsperpage parameter, which leaks the path in an error message. NOTE: this issue might be resultant from a separate SQL injection vulnerability...

CVE-2008-7000

CVE-2008-7000 documents a PHP remote file inclusion in PHPAuction 3.2. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the lan parameter to index.php (and possibly related files), enabling code inclusion from a remote or local source. The note suggests a possible r...

CVE-2008-7000

PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1...

Dreampics Builder (exhibition_id) Remote SQL Injection Vulnerability

No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability index.php fuseaction DREAMPICS BUILDER http://www.dreamlevels.com/dreampics.php AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...

phpfreeBB 1.0 - Blind SQL Injection

phpfreeBB 1.0 - Blind SQL Injection / | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability Discovered By : Moudi Contact : Download :...

E CMS 1.0 - index.php?s SQL Injection

E CMS 1.0 - index.php?s SQL Injection ============================================================================== Hackteach.OrG zZzZzZz zZzZzZz Zz ooooo Zz Zz o o Zz Zz o o Zz Zz o o Zz Zz ooooo Zz zZzZzZz zZzZzZz ============================================================================== Â...