CVE-2006-1569

Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters to a login.php or b register.php; or 3 u parameter to c profile.php...

CVE-2006-1568

Multiple cross-site scripting XSS vulnerabilities in register.php in RedCMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 email, 2 location, or 3 website parameters...

CVE-2006-1568

RedCMS 0.1 is affected in register.php by multiple XSS vulnerabilities. The vulnerable parameters are email, location, and website, through which remote attackers can inject arbitrary web script or HTML. The reported issue affects RedCMS 0.1 and is documented across multiple sources; no explicit ...

Phorum < 5.0.18 XSS Vulnerability

Phorum contains a script called SPDX-FileCopyrightText: 2006 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phorum:phorum"; ifdescription...

Design/Logic Flaw

register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations...

CVE-2006-1090

register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations...

Cross site scripting

Cross-site scripting XSS vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field mesto variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2006-0886

The provided sources describe a Cross-site scripting (XSS) vulnerability in DEV web management system 1.5, specifically in register.php, exploitable via the City/Region field (mesto variable). Remote attackers could inject arbitrary web script or HTML. The vulnerability affects the register.php h...

CVE-2006-0134

The CVE-2006-0134 vulnerability concerns TheWebForum (twf) version 1.2.1, specifically the register.php script. The issue is a cross-site scripting (XSS) flaw that accepts user input via the www parameter and does not sufficiently sanitize it, enabling remote attackers to inject arbitrary web scr...

CVE-2005-4642

Multiple cross-site scripting XSS vulnerabilities in HydroBB 1.0.0 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to 1 search.php, 2 members.php, 3 stats.php, 4 viewforum.php, 5 register.php, 6 usercp.php, 7 groups.php, 8 pms.php, and 9 calendar.php...

CVE-2005-4161

Multiple cross-site scripting XSS vulnerabilities in MilliScripts 1.4 redirect script allow remote attackers to inject arbitrary web script or HTML via the domainname parameter to register.php, and other unspecified vectors. NOTE: the vendor has disputed this issue, stating "No invalid input can...

PT-2005-4860 · Milliscripts · Milliscripts

Name of the Vulnerable Software and Affected Versions: MilliScripts version 1.4 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the domainname parameter to "register.php", and other unspecified vectors. The vendor has disputed this issue, stating that no...

CVE-2005-3365

Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via 1 the name parameter in register.php, 2 the email parameter in lostpassword.php, 3 the year parameter in calendar.php, and the 4...

CVE-2005-3365

Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via 1 the name parameter in register.php, 2 the email parameter in lostpassword.php, 3 the year parameter in calendar.php, and the 4...

CVE-2004-2511

Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...

CVE-2005-2836

CVE-2005-2836 affects Phorum versions up to 5.0.17a. The vuln arises from cross-site scripting in two input points: (1) the username field in register.php and (2) a signed-in user’s signature shown in “My Control Center,” not properly sanitized by control.php. The result is remote injection of sc...

Phorum < 5.0.18 register.php XSS

Binary data 3203.prm...

CVE-2002-1820

register.php in Ultimate PHP Board UPB 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."...

CVE-2004-2110

SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hideemail parameter...

CVE-2005-0863

Cross-site scripting XSS vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via 1 the chatter parameter to regulars.php or 2 the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php...