1673 matches found
CVE-2008-2694
Cross-site scripting XSS vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
Sql injection
Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via 1 the q parameter to search.php, or the n parameter to 2 user.php or 3 uss.php...
CVE-2008-2668
CVE-2008-2668 : The provided documents identify multiple cross-site scripting (XSS) vulnerabilities in the web application yBlog 0.2.2.2 . The vulnerabilities can be triggered by user-supplied input in the following parameters: (1) the q parameter to search.php, and (2) the n parameter to either ...
CVE-2008-2668
Multiple cross-site scripting XSS vulnerabilities in yBlog 0.2.2.2 allow remote attackers to inject arbitrary web script or HTML via 1 the q parameter to search.php, or the n parameter to 2 user.php or 3 uss.php...
yBlog 0.2.2.2 (XSS/SQL) Multiple Remote Vulnerabilities
No description provided by source. / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | ...
Unfixed XSS vulnerability at www.nfda.org
Security researcher k a n u r, has submitted on 06/11/2008 a cross-site-scripting XSS vulnerability affecting www.nfda.org, which at the time of submission ranked 575042 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is currentl...
CVE-2008-2644
Multiple cross-site scripting XSS vulnerabilities in SMEWeb 1.4b and 1.4f allow remote attackers to inject arbitrary web script or HTML via the 1 data parameter to catalog.php, the 2 keyword parameter to search.php, the 3 page parameter to bb.php, and the 4 news parameter to order.php...
Unfixed XSS vulnerability at www.annuaireblog.org
Security researcher Mystick, has submitted on 06/10/2008 a cross-site-scripting XSS vulnerability affecting www.annuaireblog.org, which at the time of submission ranked 298465 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/03/2009. It is...
Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection
/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: yBlog 0.2.2.2 Multiple Remote...
Yblog 0.2.2.2 - Cross-Site Scripting SQL Injection
Yblog 0.2.2.2 - Cross-Site Scripting SQL Injection / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || ||||...
Unfixed XSS vulnerability at www.sonidoo.com
Security researcher mygotmanoel, has submitted on 06/08/2008 a cross-site-scripting XSS vulnerability affecting www.sonidoo.com, which at the time of submission ranked 471093 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/08/2008. It is...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to a register.php, b reminder.php, and c search.php; the 2 uname, 3 email, and 4 email2 parameters to register.php; the 5 email parameter to...
427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ===================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...
427bb 2.3.1 - SQL Injection / Cross-Site Scripting
============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
426bb-sqlxss.txt
============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source. ======================================================= SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Tea...
smeweb-sqlxss.txt
======================================================= SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ===================================================== ======================================================= SMEweb 1.4b SQL/XSS...
smeweb 1.4b - SQL Injection Cross-Site Scripting
smeweb 1.4b - SQL Injection Cross-Site Scripting ======================================================= SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Undergrou...
CVE-2008-2453
CVE-2008-2453 affects the PHP Classifieds Script, with two SQL injection flaws: the fatherID parameter in browse.php and search.php. The underlying issue allows remote attackers to execute arbitrary SQL commands. Impact is described as remote arbitrary SQL execution with partial confidentiality/i...