Sql injection

SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter...

Sql injection

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprofstatus parameter...

CVE-2008-5629

CVE-2008-5629 describes an SQL injection in the Turnkey Arcade Script: vulnerable component is index.php, via the id parameter in a play action. The underlying flaw allows remote attackers to inject arbitrary SQL and potentially affect data, due to the input being unsafely concatenated into queri...

CVE-2008-5628

CVE-2008-5628 corresponds to an SQL injection in index.php of CMS little 0.0.1, enabling remote attackers to execute arbitrary SQL commands via the term parameter. Affected component: index.php in CMS little 0.0.1. Root cause: unsafeguarded SQL construction through user-supplied term parameter. R...

CVE-2008-5604

The CVE-2008-5604 issue affects My Simple Forum 3.0 and 4.1, where a directory traversal flaw in index.php allows remote attackers to include and execute local files via a .. in the action parameter when magic_quotes_gpc is disabled. This is a file-path handling vulnerability that can compromise ...

CVE-2008-5566

Cross-site scripting XSS vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2008-5570

Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

CVE-2008-5584

Multiple cross-site scripting XSS vulnerabilities in ProjectPier 0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 a message, 2 a milestone, or 3 a display name in a profile, or the 4 a or 5 c parameter to index.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHPepperShop 1.4 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php or 2 shop/kontakt.php, or 3 shopkundenmgmt.php or 4 SHOPKONFIGURATION.php in shop/Admin/...

Sql injection

Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via 1 the f parameter in a showforum action, 2 the u parameter in a profile action, 3 the viewcat parameter, or 4 a combination of scbuid and scbident...

CVE-2008-5578

CVE-2008-5578 describes multiple SQL injection vulnerabilities in the sCssBoard product (versions 1.0, 1.1, 1.11, 1.12) affecting index.php. Attack vectors include (1) f parameter in showforum, (2) u parameter in profile, (3) viewcat parameter, and (4) combinations of scb_uid/scb_ident cookie val...

CVE-2008-5583

The CVE-2008-5583 entry describes a cross-site request forgery in ProjectPier 0.8 and earlier, where an attacker can cause actions as an administrator through the index.php query string (e.g., delete project). Affected software: ProjectPier 0.8 and earlier. Root cause: CSRF in index.php allowing ...

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ====================================================================== Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities ======================================================================...

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection

=========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor : http://code.google.com/p/apertoblog/ Download :...

CFAGCMS Remote File Inclusion

Author : BeyazKurt - [email protected] Script : CFAGCMS Download : http://sourceforge.net/project/showfiles.php?groupid=197936 Vuln : Page themes/default/index.php, Line 15-16 : Site.Com/cfagcms/themes/default/index.php?main=SHELL Site.Com/cfagcms/themes/default/index.php?right=SHELL SHQİPTAR!...

Aperto Blog 0.1.1 - Local File Inclusion SQL Injection

Aperto Blog 0.1.1 - Local File Inclusion SQL Injection =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

CadeNix (cid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================ CadeNix cid Remote SQL Injection Vulnerability ================================================ Remote Sql Injection CadeNix index.php CadeNix Online Games Play Online I am , HaCkeR EgY My...

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities

No description provided by source. =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection

=========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor : http://code.google.com/p/apertoblog/ Download :...

Mediatheka 4.2 (index.php lang) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== Mediatheka 4.2 index.php lang Local File Inclusion Vulnerability ================================================================== START 0x01 Informations: Script :...