7210 matches found
CVE-2009-1065
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-1065
The CVE-2009-1065 entry concerns a SQL injection vulnerability in Pixie CMS 1.01a (index.php) that allows remote attackers to execute arbitrary SQL commands via the x parameter. Affected component: Pixie CMS 1.01a, vulnerability in index.php; root cause is improper handling of input leading to SQ...
CVE-2008-6501
Cross-site scripting XSS vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter...
CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
Sql injection
SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entryid parameter...
CVE-2008-6495
Cross-site scripting XSS vulnerability in index.php in Fritz Berger yet another php photo album - next generation yappa-ng 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter...
CVE-2009-1023
SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entryid parameter...
CVE-2009-1023
CVE-2009-1023 affects phpComasy 0.9.1 through index.php:entry_id, enabling remote SQL injection that can modify or read database contents with Partial confidentiality, Integrity, and Availability impacts (CVSS v2 base 7.5). Connected sources confirm the vulnerability and parameter as entry_id, bu...
CVE-2009-0968
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action...
CVE-2008-6485
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter...
CVE-2008-6485
CVE-2008-6485 : The connected documents confirm a SQL injection in SoftComplex PHP Image Gallery, specifically in index.php via the ctg parameter. The root cause is unsafe SQL construction in the application, enabling remote attackers to execute arbitrary SQL commands with the potential for parti...
CVE-2008-6488
CVE-2008-6488 describes an SQL injection in the login action of the web application SoftComplex PHP Image Gallery 1.0 . The vulnerability exists in the login functionality, where the Admin field can be exploited to execute arbitrary SQL commands remotely. According to the NVD entry, the vulnerabi...
Sql injection
SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php...
CVE-2008-6477
SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php...
CVE-2008-6477
CVE-2008-6477 involves a SQL injection vulnerability in Mumbo Jumbo Media OP4, where an attacker can send crafted input to the id parameter in index.php to execute arbitrary SQL commands. Affected: Mumbo Jumbo Media OP4. Root cause and exact exploit flow are not detailed in the provided documents...
Sql injection
SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action...
CVE-2008-6468
CVE-2008-6468 affects Diesel Pay: SQL injection in index.php via the area parameter in a browse action. Root cause is improper input handling in that parameter, enabling remote attackers to potentially execute arbitrary SQL commands. The vulnerability is rated CVSS v2 base score 7.5 (HIGH) with n...