7210 matches found
Sql injection
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
Sql injection
Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the 1 foreignkeyvalue parameter in the news page and 2 webpage parameter in the webpagemultiedit form...
CVE-2008-3129
Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the 1 foreignkeyvalue parameter in the news page and 2 webpage parameter in the webpagemultiedit form...
CVE-2008-3130
CVE-2008-3130 involves multiple cross-site scripting (XSS) vulnerabilities in OpenCart 0.7.7. The issue resides in index.php where the (1) firstname and (2) search parameters can be crafted to inject arbitrary web script or HTML. This describes a client-side injection vulnerability that could aff...
Sql injection
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter...
Sql injection
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2008-3119
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2008-3124
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter...
CVE-2008-3125
CVE-2008-3125 describes an SQL injection in Mole Group Lastminute Script 4.0, exploitable via the cid parameter in index.php. The vulnerability allows remote attackers to execute arbitrary SQL commands. The NVD entry notes a CVSSv2 base score of 7.5 (High) with network access, low attack complexi...
CVE-2008-3119
CVE-2008-3119 affects DreamPics Builder. The vulnerability is an SQL injection in index.php, exploitable via the page parameter, allowing remote attackers to execute arbitrary SQL commands. The sources consistently describe this as a SQL injection flaw but do not specify affected versions, patche...
CVE-2008-3124
CVE-2008-3124 : A SQL injection vulnerability exists in index.php of Mole Group Hotel Script 1.0, allowing remote attackers to inject arbitrary SQL commands via the file parameter. Affected software is Mole Group Hotel Script 1.0 (index.php). The vulnerability enables partial confidentiality, int...
Cross site scripting
Cross-site scripting XSS vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php...
Design/Logic Flaw
myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via 1 an invalid year parameter to calendar.php, reached through index.php; 2 a direct request to common.php; and 3 a mode array parameter in the query string to login.php, which reveal the installation path in vario...
CVE-2007-3650
myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via 1 an invalid year parameter to calendar.php, reached through index.php; 2 a direct request to common.php; and 3 a mode array parameter in the query string to login.php, which reveal the installation path in vario...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
joomlamygallery-sql.txt
H-T Team HouSSamix & ToXiC350 ===================================================================== Joomla Component mygallery Remote SQL Injection Exploit ===================================================================== AUTHOR : HouSSamix From H-T TeaM Script : mygallery Joomla Component...
sispletcms-sql.txt
================================================================= Sisplet CMS index.php id Remote SQL Injection Vulnerability ================================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
CVE-2007-3653
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...