CVE-2004-1960

Cross-site scripting XSS vulnerability in blockerquery.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the 1 target or 2 portNum parameters...

CVE-2004-1961

blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters "%27"...

CVE-2004-1959

The CVE-2004-1959 entry affects Protector System 1.15b1 for PHP-Nuke, where blocker_query.php exposes sensitive path information through the portNum parameter in an error message. This is a remote information-disclosure vulnerability that allows attackers to learn server filesystem paths. The ava...

CVE-2004-1962

The CVE-2004-1962 entry concerns Protector System 1.15b1 (index.php) with a vulnerability where an attacker could bypass SQL injection filters by sending "/**/" sequences in targeted fields. The issue is a SQL injection in the web application component, enabling potentially partial disclosure and...

CVE-2004-1960

Protector System 1.15b1 has a Cross‑Site Scripting (XSS) vulnerability in blocker_query.php that allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters. The CVE-2004-1960 entry notes a MEDIUM severity (CVSSv2 base 4.3) with Network attack vecto...

CVE-2004-1961

The CVE-2004-1961 entry concerns Protector System 1.15b1. A vulnerability in blocker.php allows remote attackers to bypass SQL-injection protection and execute limited SQL commands via URL-encoded (') characters. Affected component: blocker.php in Protector System 1.15b1. Underlying cause and exa...

CVE-2004-1960

Cross-site scripting XSS vulnerability in blockerquery.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the 1 target or 2 portNum parameters...

CVE-2004-1962

SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "//" sequences in the targeted fields...

CVE-2004-1959

blockerquery.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message...

CVE-2004-1961

blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters "%27"...

Protector System 1.15 - blocker_query.php Multiple Cross-Site Scripting Vulnerabilities

Protector System 1.15 - blockerquery.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection...

Protector System 1.15 - 'blocker_query.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issues may reveal sensitive information...

Web Protector 2.0 - Trivial Encryption

Web Protector 2.0 - Trivial Encryption source: https://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed a...

Web Protector 2.0 - Trivial Encryption

source: https://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and may be easily reversed. This weaknes...