Code injection

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...

CVE-2008-5323

Cross-site scripting XSS vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2008-5322

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...

CVE-2008-5321

The CVE-2008-5321 entry describes a SQL injection in the GesGaleri module (index.php) for XOOPS, exploitable via an input parameter (the none parameter is cited as the injection point). A remote attacker could execute arbitrary SQL commands according to the description and CVSS metrics (base scor...

CVE-2008-5323

Cross-site scripting XSS vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2008-5323

The CVE-2008-5323 issue affects Wysi Wiki Wyg 1.0, where index.php is vulnerable to Cross-site Scripting (XSS). An attacker can remotely inject arbitrary script/HTML via the s parameter, with a CVSSv2 base score of 4.3 (Medium): confidentiality impact None, integrity impact Partial, availability ...

CVE-2008-5321

SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter...

CVE-2008-5309

SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in the resendemail module to index.php...

CVE-2008-5306

An SQL injection vulnerability exists in PG Real Estate Solution: admin/index.php accepts the login_lg (username) parameter in a way that allows remote attackers to execute arbitrary SQL commands. The issue is tied to the login handling code and carries a CVSS v2 base score of 7.5 (HIGH) with par...

CVE-2008-5307

CVE-2008-5307: A SQL injection vulnerability exists in admin/index.php of the PG Roommate Finder Solution, exploitable via the login_lg parameter. The flaw enables remote attackers to execute arbitrary SQL commands. The NVD entry notes this as a high-severity issue (CVSSv2 base score 7.5; AV:N/AC...

CVE-2008-5293

SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter...

CVE-2008-5294

SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter...

CVE-2008-5295

SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 allows remote attackers to execute arbitrary SQL commands via the showemp parameter...

Sql injection

SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter...

Sql injection

SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter...

CVE-2008-5295

CVE-2008-5295 is a SQL injection vulnerability affecting Jamit Job Board 3.4.10. The issue resides in index.php via the show_emp parameter, allowing remote attackers to execute arbitrary SQL commands. The NVD entry sources indicate a base score of 7.5 (HIGH) with network attack vector and no auth...

CVE-2008-5294

SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter...

CVE-2008-5294

CVE-2008-5294 is a SQL injection vulnerability affecting WebStudio eCatalogue, specifically in index.php where the pageid parameter can be exploited to execute arbitrary SQL commands. The vulnerability is documented in public sources (e.g., NVD, Exploit-DB), with an NVD base score of 7.5 (HIGH) a...

minimalablog-sqlfubypass.txt

=========================================================================================================== o minimal-ablog 0.4 SQL Injection, File Upload and Admin Bypass Vuln Software : minimal-ablog version 0.4 Vendor : http://www.abweb.co.cc/ Download :...

minimal ablog 0.4 - SQL Injection Arbitrary File Upload Authentication Bypass

minimal ablog 0.4 - SQL Injection Arbitrary File Upload Authentication Bypass =========================================================================================================== o minimal-ablog 0.4 SQL Injection, File Upload and Admin Bypass Vuln Software : minimal-ablog version 0.4 Vendo...