1673 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configinstalldir parameter to 1 search.php, 2 archive.php, 3 comments.php, and 4 news.php; 5 News.php, 6 SendFriend.php, 7...
WSN Guest 1.23 SQL Injection
WSN Guest 1.23 search.php SQL Injection Vulnerability %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Author : DaiMon Homepage : http://www.cwdaimon.com Contact : cwdaimonatgmail.com...
WSN Guest 1.23 - Search SQL Injection
WSN Guest 1.23 - Search SQL Injection WSN Guest 1.23 search.php SQL Injection Vulnerability %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Author : DaiMon Homepage : http://www.cwdaimon.com Contact : cwdaimonatgmail.com...
Unfixed XSS vulnerability at www.webinaria.com
Security researcher xylitol, has submitted on 12/07/2008 a cross-site-scripting XSS vulnerability affecting www.webinaria.com, which at the time of submission ranked 1396308 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/07/2008. It is...
Sphider query Parameter Cross-Site Scripting Vulnerability
Sphider is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-5211
Sphider 1.3.4 is vulnerable to a cross-site scripting (XSS) flaw in search.php when the search suggestion feature is enabled. The issue is triggered via the query parameter and allows injection of arbitrary script/HTML. Several connected sources (OpenVAS tests and upstream CVE records) confirm th...
CVE-2008-5211
Cross-site scripting XSS vulnerability in search.php in Sphider 1.3.4, when the search suggestion feature is enabled, allows remote attackers to inject arbitrary web script or HTML via the query parameter, a different vector than CVE-2006-2506...
Unfixed XSS vulnerability at go-bg.info
Security researcher CruiseBG, has submitted on 22/11/2008 a cross-site-scripting XSS vulnerability affecting go-bg.info, which at the time of submission ranked 3451541 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/12/2011. It is currently...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in BoutikOne CMS allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter...
CVE-2008-5126
The CVE-2008-5126 entry concerns BoutikOne CMS, where the vulnerability is in the file search.php and is triggered via the search_query parameter. The issue is a Cross-site Scripting (XSS) vulnerability that permits remote attackers to inject arbitrary web script or HTML. The publicly provided de...
CVE-2008-5119
Cross-site scripting XSS vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
CVE-2008-5119
CVE-2008-5119 describes an Cross-site scripting (XSS) vulnerability in the PHP script search.php of Scripts4Profit DXShopCart 4.30mc. The issue allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. The NVD entry lists a MEDIUM severity (CVSS v2.0: 4.3) with net...
CVE-2008-5068
Multiple cross-site scripting XSS vulnerabilities in Kmita Gallery allow remote attackers to inject arbitrary web script or HTML via the 1 begin parameter to index.php and the 2 searchtext parameter to search.php. NOTE: the provenance of this information is unknown; the details are obtained solel...
CVE-2008-5067
CVE-2008-5067 describes a cross-site scripting (XSS) vulnerability in Kmita Catalogue 2.x, exploitable via search.php parameter q. The connected records confirm the affected software (Kmita Catalogue 2.x) and the vulnerable entry point (search.php), with the underlying issue being improper handli...
Unfixed XSS vulnerability at www.bowenshideout.com
Security researcher SaMTHG, has submitted on 27/10/2008 a cross-site-scripting XSS vulnerability affecting www.bowenshideout.com, which at the time of submission ranked 9572926 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is...
miniPortail 2.2 - Cross-Site Scripting Local File Inclusion
miniPortail 2.2 - Cross-Site Scripting Local File Inclusion / miniPortail javascript / milw0rm.com 2008-10-23...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in Dan Fletcher Recipe Script allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in Ed Pudol Clickbank Portal allows remote attackers to inject arbitrary web script or HTML via the search box. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-4669
CVE-2008-4669 is a Cross‑site Scripting (XSS) vulnerability in search.php of the Dan Fletcher Recipe Script, exploitable via the keyword parameter to inject arbitrary web script/HTML. The NVD entry lists a CVSS v2 base score of 4.3 (Medium) with network attack vector, required user interaction no...