CVE-2009-0707

SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter aka login field. NOTE: some of these details are obtained from third party information...

CVE-2009-0707

CVE-2009-0707 is a SQL injection vulnerability in PowerClan 1.14a, specifically in admin/index.php where the loginemail parameter (login field) can be used to execute arbitrary SQL commands. The available connected documents confirm the affected component (admin/index.php), the software/version (...

CVE-2008-6234

SQL injection vulnerability in the commusica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php...

CVE-2008-6234

SQL injection vulnerability in the commusica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php...

Sql injection

SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter...

CVE-2008-6217

Cross-site scripting XSS vulnerability in index.php in Extrakt Framework 0.7 allows remote attackers to inject arbitrary web script or HTML via the pluginsfileid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to 1 admin.php, 2 index.php, 3 sess.php, 4 stats.php, 5 detail.php, 6 resize.php, and 7 show.php. NOTE: the provenance of this...

CVE-2008-6210

CVE-2008-6210 describes an SQL injection in the Dream4 Koobi application (versions 4.4 and 5.4). The vulnerability is triggered in index.php via the gallerypic page’s img_id parameter, allowing remote attackers to potentially execute arbitrary SQL commands. The available documents identify the af...

CVE-2008-6197

SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote attackers to execute arbitrary SQL commands via the idgal parameter in a gal action...

CVE-2008-6189

SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to 1 new/index.php, 2 news/index.php, and 3 top/topusers.php, which is not properly handled in database-pgsql.php...

Sql injection

SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to 1 new/index.php, 2 news/index.php, and 3 top/topusers.php, which is not properly handled in database-pgsql.php...

CVE-2008-6190

The CVE-2008-6190 entry relates to a Cross-site Scripting (XSS) vulnerability in EEBCMS 0.95, where an attacker can supply the content parameter to index.php to inject arbitrary web script or HTML. This affects EEBCMS 0.95 and allows remote exploitation via the vulnerable parameter, enabling part...

CVE-2008-6174

CVE-2008-6174 is an XSS vulnerability affecting Jetbox CMS 2.1, specifically in admin/postlister/index.php where the liste parameter can be exploited to inject arbitrary web script or HTML. The descriptions across NVD and related records confirm a cross-site scripting flaw without details on obse...

CVE-2008-6174

Cross-site scripting XSS vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the liste parameter...

CVE-2009-0639

CVE-2009-0639 is a PHP remote file inclusion vulnerability affecting phpyabs 0.1.2, specifically in moduli/libri/index.php. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the Azione parameter. Public references (e.g., SecurityFocus BID 33670, Exploit-DB 8005)...

CVE-2009-0604

SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the searching parameter...

Sql injection

SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the searching parameter...

CVE-2009-0604

CVE-2009-0604 affects PHP Director 0.21 and earlier. The vulnerability is a SQL injection in index.php triggered via the searching parameter, allowing remote attackers to execute arbitrary SQL commands. Exploitation and affected version details are supported by multiple sources (NVD, CVE listings...

Sql injection

SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idtl parameter in a buy action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...