1673 matches found
CVE-2009-3189
The CVE-2009-3189 entry describes an XSS in DigiOz Guestbook 1.7.2, exploitable through the search_term parameter in search.php, allowing remote injection of script/HTML. No remediation details are provided in the supplied documents.
CVE-2009-3197
CVE-2009-3197 describes a cross-site scripting (XSS) vulnerability in the PHP Calendars Script by JCE-Tech, specifically in search.php. The flaw lets remote attackers inject arbitrary web script or HTML by supplying a crafted value to the search parameter. The NVD metrics indicate a MEDIUM-severi...
CVE-2009-3171
Multiple cross-site scripting XSS vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 user parameter to user.php or 2 lookup parameter to search.php...
Datemill - 'search.php?st' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Datemill - search.php?st Cross-Site Scripting
Datemill - search.php?st Cross-Site Scripting source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code i...
PHP Calendars Script Cross Site Scripting
/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || PHP Calendars Script Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.jce-tech.com/phpcalendars.php...
Affiliate Master Script 2.0 XSS
/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || Affiliate Master Script V2.0 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download :...
PHP-Fusion-AP search.php Disclosure
===================================================== PHP-Fusion-AP-7.00.2-Rus search.php disclosure ways ===================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1...
Open Auto Classifieds 1.5.9 SQL Injection
MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security issues in Open Auto Classifieds...
DigiOz Guestbook 1.7.2 XSS
/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || DigiOz Guestbook 1.7.2 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.digioz.com/guestbook/guestbook.zip...
Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities
MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security issues in Open Auto Classifieds...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 browseladies.php and 2 browsemen.php, the 3 gender parameter to search.php, and the 4 id parameter to services.php...
phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection
============================================================================== » ! Coder - Developer HTML / CSS / PHP / Vb6 . ! ============================================================================== » Web Business Directory 1.0 search.php Multiple Remote Vulnerabilities...
DragDropCart - search.php?search Cross-Site Scripting
DragDropCart - search.php?search Cross-Site Scripting source: https://www.securityfocus.com/bid/43478/info DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrar...
CVE-2009-2424
CVE-2009-2424 affects Ebay Clone 2009 where the XSS vulnerability is caused by an injection in the search.php mode parameter. The impact is the ability to execute arbitrary script/HTML in the victim’s browser. Public references confirm the issue, and an exploit is listed by Exploit DB (per CIRCL ...
SIPS v0.2.2 Remote File Inclusion Vulnerability
/=============================================================================================================================================== | | o SIPS v0.2.2 Remote File Inclusion Vulnerability | | Software : SIPS v0.2.2 | Vendor : http://www.phpscripts-fr.net/scripts/hosted/sips022.zip |...
CVE-2008-6838
CVE-2008-6838 is a Cross-site Scripting (XSS) vulnerability affecting Zoph 0.7.2.1, exposed via search.php. The issue allows remote attackers to inject arbitrary script or HTML through the _off parameter. The vulnerability description notes that the provenance of the information is from third par...
CVE-2008-6838
Cross-site scripting XSS vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-2179
SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sformday parameter...
phpDatingClub 3.7 - SQL Injection Cross-Site Scripting Injection
phpDatingClub 3.7 - SQL Injection Cross-Site Scripting Injection phpDatingClub v 3.7ansubdepartmentsid SQL/XSS Injection Vulnerability Note: Algeria 2-0 Zambia Founder : ThE g0bL!N Home:WwW.Snakespc.CoM More info:http://www.w2b.ru/webapp.php?cat=phpDatingClub SQL Injection Vulnerability Exploit...