CVE-2006-1416

Cross-site scripting XSS vulnerability in afmsearch.aspx in Absolute FAQ Manager .NET 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the question parameter...

CVE-2006-1411

Cross-site scripting XSS vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via 1 the shownew parameter in gallery.asp and 2 unspecified search module parameters...

CVE-2006-1411

The CVE-2006-1411 issue affects Absolute Image Gallery XE 2.0 and earlier, where cross-site scripting (XSS) is possible via the shownew parameter in gallery.asp and through unspecified search module parameters. The underlying vulnerability is input handling that allows arbitrary web script/HTML t...

CVE-2006-1411

Cross-site scripting XSS vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via 1 the shownew parameter in gallery.asp and 2 unspecified search module parameters...

CVE-2005-4614

Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. Affected: digiSHOP 3.1.17 and earlier. Impact: pote...

CVE-2005-4527

CVE-2005-4527 involves Direct News 4.9 with multiple SQL injection vulnerabilities. The issues allow remote attackers to execute arbitrary SQL via (1) the setLang parameter in index.php and (2) unspecified search module parameters. NVD reports a base score of 7.5 (HIGH) with Network attack vector...

CVE-2005-4292

CVE-2005-4292 affects CommerceSQL 1.0 and earlier. Vulnerable due to cross-site scripting via unspecified search module parameters, possibly the keywords parameter in Quick Find, enabling remote injection of arbitrary script/HTML. No remediation details or exploit status provided in the connected...

CVE-2005-4281

Cross-site scripting XSS vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi...

CVE-2005-4237

Cross-site scripting XSS vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module...

CVE-2005-4027

SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters...

CVE-2005-4027

CVE-2005-4027 affects SimpleBBS 1.1. The issue is a SQL injection vulnerability reported to allow remote attackers to execute arbitrary SQL commands via unspecified search module parameters. The provided sources list a CVSS2 base score of 7.5 (HIGH) with network attack vector, low complexity, and...