124 matches found
PT-2007-4165 · Saxon · Saxon
Name of the Vulnerable Software and Affected Versions: SAXON version 4.6. Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the template parameter to specific PHP files, including (1) "news.php", (2) "preview.php", or (3) "archive-display.php". Recommendations: Fo...
simplog-0.9.3.1.txt
Software: Simplog www.simplog.org version: 0.9.3.1, I assume others as well. There are a few SQL injections available with this software. This one is in preview.php, e.g. http://site/preview.php?blogid=2&adm=tem&tid=-1%20union%20select%20password%20from%20blogusers%20where%20name='insert username here'...
SQL Injection simplog
Software: Simplog www.simplog.org version: 0.9.3.1, I assume others as well. There are a few SQL injections available with this software. This one is in preview.php, e.g. http://site/preview.php?blogid=2&adm=tem&tid=-1%20union%20select%20password%20from%20blogusers%20where%20name='insert username here'...
Sql injection
Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) iconid and (2) userid parameters in preview.php...