CVE-2008-2487

SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action...

CVE-2008-2484

CVE-2008-2484 : A SQL injection in index.php of Xomol CMS 1.20071213 (magic_quotes_gpc disabled) allows remote attackers to execute arbitrary SQL via the email parameter. The NVD description confirms the vulnerable component and input vector; exploitation status is not provided in the connected d...

CVE-2008-2498

CVE-2008-2498 involves multiple SQL injection vulnerabilities in Mambo before 4.6.4. The flaws allow remote attackers to execute arbitrary SQL commands via the articleid and mcname parameters in index.php when magic_quotes_gpc is disabled. The issue is documented across multiple sources (NVD/NVD-...

CVE-2008-2456

CVE-2008-2456 affects ComicShout 2.5 and earlier. The vulnerability is an SQL injection in index.php via the comic_id parameter, enabling remote execution of arbitrary SQL commands. No remediation details are provided in the supplied documents; exploitation information is referenced (Exploit-DB l...

dzoic handshakes sql injection >> index.php on $fname

By :s3rv3rhack3rAli Jasbi From hackerz.ir vendro : dzoic.com version : all risk : high bug : http://Victim/dzoic/index.php?handler=search&action=perform&searchtype=members&fname=Sql...

CVE-2008-2425

SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

CVE-2008-2425

CVE-2008-2425 : FicHive 1.0 – SQL injection in index.php allowing remote attackers to execute arbitrary SQL via the letter parameter in a Search action. This entry notes a different vector than CVE-2008-2416 (category parameter in Fiction action). No remediation details are provided in the connec...

CVE-2008-2422

SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Sql injection

SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php...

CVE-2008-2411

SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action...

CVE-2008-2416

SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php...

CVE-2008-2411

CVE-2008-2411 concerns SQL injection in SazCart 1.5.1 and earlier, via the prodid parameter in the details action of index.php when magic_quotes_gpc is disabled. The affected product is SazCart, version 1.5.1 and earlier. Root cause: improper handling of user-supplied prodid leading to SQL comman...

CVE-2008-2416

Summary of CVE-2008-2416: FicHive 1.0 is vulnerable to a SQL injection in index.php triggered by the category parameter in a Fiction action (likely related to sources/fiction.class.php). This allows remote attackers to craft arbitrary SQL, enabling potential data disclosure or modification. The v...

Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability

No description provided by source. Title :: Netious CMS 0.4 Remote SQL Injection Vulnerability Author :: InjEctOr s0f at w dot cn && ToTaL n.47 at hotmail.com discouvred by :: ToTaL Application :: Netious CMS 0.4 Download :: http://www.netious.com/sections/3/files/netious-cms-serv-0.4.zip Dork 1 ...

CVE-2008-2398

CVE-2008-2398 affects AppServ Open Project 2.5.10 and earlier, with a cross-site scripting (XSS) vulnerability in index.php that allows injection of arbitrary script/HTML via the appservlang parameter. Root cause is input handling in index.php failing to neutralize user-supplied appservlang data....

microSSys CMS <= 1.5 Remote File Inclusion Vulnerability

No description provided by source. microSSys CMS = 1.5 Remote File Inclusion Vulnerability Software site: http://wajox.com/ =============================================================== By Raz0r www.Raz0r.name =============================================================== Vulnerable code...

ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability

No description provided by source. ComicShout Remote 2.5 SQL Injection Vulnerability by D3m0n a.k.a Niiub Home: www.bl4ck-b0x-info niiubatbl4ck-b0x.info Exploit: /index.php?comicid=-1+UNION+SELECT+1,2,3,concatsiteadmin,char58,sitepass,5,6+FROM+setup/ Admin PA: admin.php Greetz: dun - sidpsycho -...

Sql injection

SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the postid parameter...

Directory traversal

Directory traversal vulnerability in index.php in Smeego 1.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang cookie...

Sql injection

Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the 1 langid and 2 menuid parameters...