Sql injection

SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter...

CVE-2010-5062

SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter...

CVE-2010-5062

CVE-2010-5062 affects MH Products kleinanzeigenmarkt; vulnerability in search.php, via the c parameter, allows remote attackers to perform SQL injection and execute arbitrary SQL commands. Root cause: improper input handling in the search functionality leading to unauthenticated database access. ...

MyChurchWebsite Cross Site Scripting

Exploit Title: MyChurchWebsite XSS Date: 04.11.2011 - 17.55 Author: Mr.PaPaRoSSe Tested On: BackTrack 5 - Win7 Platform: Php ------------------------------------------------------------- alertdocument.cookie search.php?pageID=search&search=XSS...

Jara 1.6 - Multiple Vulnerabilities

Jara 1.6 - Multiple Vulnerabilities !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

Jara 1.6 - Multiple Vulnerabilities

!/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter aka the search field. NOTE: some of these details are obtained from third party information...

CVE-2010-5035

CVE-2010-5035 is an XSS vulnerability in iScripts eSwap 2.0, affecting the search.php script via the txtHomeSearch parameter. The underlying issue is a failure to properly sanitize input, enabling remote attackers to inject arbitrary script/HTML through the search field. The NVD entry lists a CVS...

Cross site scripting

Cross-site scripting XSS vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter aka Search Box field. NOTE: some of these details are obtained from third party information...

Jara 1.6 Cross Site Scripting

Exploit Title: jara 1.6 XSS Vulnerabilities Date: 2011.10.25 Author: Expl0its We Are : Expl0its , Highersense , Black.spook & H4ckcity.net - zone-hc.com Software Link: http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip Version: jara 1.6 Vulnerable Page: search.php?term&term= Exploit:...

Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting

Advisory: Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities Advisory ID: SSCHADV2011-031 Author: Stefan Schurtz Affected Software: Successfully tested on Yet Another CMS 1.0 Vendor URL: http://yetanothercms.codeplex.com/ Vendor Status: informed ========================== Vulnerability...

CVE-2010-4932

Cross-site scripting XSS vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

CVE-2010-4932

Cross-site scripting XSS vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

CVE-2010-4932

CVE-2010-4932 describes a reflected XSS in Entrans prior to 0.3.3, affecting the file search.php via the query parameter. The root cause is insufficient input sanitization, allowing remote attackers to inject arbitrary HTML/JavaScript executed in the victim’s browser. The linked advisories provid...

CVE-2010-4909

Multiple cross-site scripting XSS vulnerabilities in PaysiteReviewCMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 q parameter to search.php or the 2 image parameter to image.php...

CVE-2011-2938

Multiple cross-site scripting XSS vulnerabilities in filterapi.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the projectid parameter to search.php...

Unfixed XSS vulnerability at dlh.net

Security researcher livinskull, has submitted on 13/09/2011 a cross-site-scripting XSS vulnerability affecting dlh.net, which at the time of submission ranked 65062 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently...

DragDropCart Cross Site Scripting

Exploit Title: DragDropCart E-Commerce System Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability ISSUE Cross Site Scripting can be done using the command input Vulnerable Page: search.php yaxaluser.php Example: search.php?search= Exploit: "/...

Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability 0-day

No description provided by source. Exploit Title: Vbulletin 4.0.x = 4.1.3 messagegroupid SQL injection Vulnerability 0-day Google Dork: intitle: powered by Vbulletin 4 Date: 20/07/2011 Author: FB1H2S Software Link: urlhttp://www.vbulletin.com//url Version: 4.x.x Tested on: relevant os CVE :...