CVE-2006-5148

Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including 1 search.php, 2 message.php, 3 member.php, 4 mail.php, 5 lostpassword.php, 6...

OlateDownload3.4.0.txt

::OlateDownload 3.4.0 Multiple Vulnerabilities :: ------------------------------------------------ Software : OlateDownload Website : www.olate.co.uk Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter...

CVE-2006-5148

Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including 1 search.php, 2 message.php, 3 member.php, 4 mail.php, 5 lostpassword.php, 6...

CVE-2006-5059

Multiple cross-site scripting XSS vulnerabilities in WWWthreads 5.4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the Cat parameter to 1 dosearch.php, 2 postlist.php, 3 showmembers.php, 4 faqenglish.php, 5 online.php, 6 login.php, 7 newuser.php, 8 wwwthreads.php,...

CVE-2006-4917

Cross-site scripting XSS vulnerability in search.php in PT News 1.7.8 allows remote attackers to inject arbitrary web script or HTML via the pgname parameter...

CVE-2006-4923

The CVE-2006-4923 vulnerability affects the eSyndiCat Portal System, specifically the search.php component, where the what parameter can be exploited to inject arbitrary script/HTML (XSS). The issue is described as a cross-site scripting vulnerability enabling remote code/script insertion. The cu...

PT News 1.7.8 (Search.php) XSS Vulnerability

PT News 1.7.8 Search.php XSS Vulnerability ----------------------------------------------------------- PT News Version: 1.7.8 Website URL:http://www.openbg.net/ptsite/ ----------------------------------------------------------- Discoved by Snake Unkn0wn Security Researcher The original article ca...

CVE-2006-4881

Multiple cross-site scripting XSS vulnerabilities in David Bennett PHP-Post PHPp 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the replyuser parameter in a pm.php; 2 the txtjumpto parameter in b dropdown.php; the 3 txterror and 4 txttemplatenotexist parameter...

eSyndiCat Portal System XSS Vuln.

eSyndiCat Portal System has an xss bug in search.php can be exploited from web interface http://www.example.com/path/search.php?what=xss&searchtop.x=0&searchtop.y=0&searchtop=GO -------------------- Discovered by meto5757 Rootshell Security Group...

Pie Cart Pro - Inc_Dir Remote File Inclusion

Pie Cart Pro - IncDir Remote File Inclusion ==================================================================== Pie Cart Pro = IncDir Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By SnIpErSA...

CVE-2006-4794

Multiple cross-site scripting XSS vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string PATHINFO in 1 contact.php, 2 download.php, 3 admin.php, 4 fpw.php, 5 news.php, 6 search.php, 7 signup.php, 8 submitnews.php, and 9 user.php. NOTE: the...

vikingMultiple.txt

================================================ :: Vikingboard 0.1b Multiple Vulnerabilities :: ================================================ Software : Vikingboard Website : http://www.vikingboard.com/ Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerabilities...

CVE-2006-4708

Multiple cross-site scripting XSS vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the 1 act parameter in a help.php and b search.php, and the 2 p parameter in report.php...

CVE-2006-4708

Multiple cross-site scripting XSS vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the 1 act parameter in a help.php and b search.php, and the 2 p parameter in report.php...

Vikingboard 0.1b Multiple Vulnerabilities

================================================ :: Vikingboard 0.1b Multiple Vulnerabilities :: ================================================ Software : Vikingboard Website : http://www.vikingboard.com/ Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerabilities...

newangels-11.txt

newangels-team.eu 11 FreeWebshop - Cross Site Scripting & SQL Injection Vulnerabilities =========================================================================================== Vendor site = http://www.sensesites.com/ Date: Jun 13 2006 Risk = MEDIUM Version: 5.0 Credit: ======= NewAngels Team ...

freewebshop21.txt

NewAngels Advisory 9 FreeWebshop - Cross Site Scripting & SQL Injection Vulnerabilities ========================================================================================== Vendor site = http://www.freewebshop.org/ Date: Jun 15 2006 Version: 2.1 Credit: ======= NewAngels Team...

CVE-2006-3377

Cross-site scripting XSS vulnerability in JMB Software AutoRank PHP 3.02 and earlier, and AutoRank Pro 5.01 and earlier, allows remote attackers to inject arbitrary web script or HTML via the 1 Keyword parameter in search.php and the 2 Username parameter in main.cgi...

CVE-2006-3382

Cross-site scripting XSS vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via the "search string"...

CVE-2006-3382

CVE-2006-3382 is a cross-site scripting (XSS) vulnerability in the search.php component of mAds 1.0 , exploitable via the search string parameter. According to the records, remote attackers can inject arbitrary web script or HTML. The NVD metrics indicate a Medium base score (4.3) with network at...