CVE-2005-4546

search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability...

CVE-2005-4236

Cross-site scripting XSS vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters...

CVE-2005-4236

CVE-2005-4236 concerns an XSS vulnerability in the CKGOLD package, specifically in the search.php component. The issue allows remote attackers to inject arbitrary web script or HTML through the search parameters, enabling cross-site scripting. The available connected records confirm the flaw as a...

CVE-2005-4236

Cross-site scripting XSS vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters...

CVE-2005-4240

Vulnerability details (CVE-2005-4240): Affected software is VCD-db 0.98 and earlier. The issue is an SQL injection in search.php via the by parameter, allowing remote attackers to execute arbitrary SQL commands. Impact is stated as partial confidentiality/integrity/availability (per CVSS), with n...

CVE-2005-4245

CVE-2005-4245 is a cross-site scripting (XSS) vulnerability in Snipe Gallery 3.1.4 and earlier affecting the file search.php . The issue arises from the keyword parameter, allowing remote attackers to inject arbitrary web script or HTML. According to the record, the impact is confidentiality: non...

CVE-2005-4245

Cross-site scripting XSS vulnerability in search.php in Snipe Gallery 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...

CVE-2005-4057

Cross-site scripting XSS vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the 1 Location, 2 Last Name, and 3 First Name parameters...

CVE-2005-4056

SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the 1 Location, 2 Last Name, and 3 First Name parameters...

CVE-2005-4057

CVE-2005-4057 describes a Cross-site scripting (XSS) vulnerability in the PluggedOut Nexus 0.1 project, specifically in search.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML through the (1) Location, (2) Last Name, and (3) First Name parameters. The entries ...

CVE-2005-4056

CVE-2005-4056 describes a SQL injection vulnerability in the search.php component of PluggedOut Nexus 0.1. The flaw allows remote attackers to manipulate the database by injecting SQL through the Location, Last Name, and First Name parameters. The vulnerability is documented with a high impact po...

CVE-2005-4026

search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid 1 datestart and 2 dateend parameters, which leaks the web server path in an error message...

CVE-2005-4026

search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid 1 datestart and 2 dateend parameters, which leaks the web server path in an error message...

CVE-2005-3881

SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter...

KBase Express SQL inj. vuln.

KBase Express SQL inj. vuln. Vuln. dicovered by : r0t Date: 29 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html Vendor:http://www.sensationdesigns.com/products/scripts/kbaseexpress/ affected version: 1.0.0 and prior Product Description: KBase Express ...

CVE-2005-3838

The CVE-2005-3838 issue affects IsolSoft Support Center 2.2 and earlier. Multiple SQL injection vulnerabilities exist in search.php, exploitable via the parameters (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field to execute arbitrary SQL commands remotely. The pr...

CVE-2005-3834

CVE-2005-3834 : An XSS vulnerability exists in Tunez (versions 1.21 and earlier) in search.php, exploitable via the searchFor parameter. Remote attackers can inject arbitrary web script or HTML. Affected software/component: Tunez 1.21 and earlier; vulnerable parameter: searchFor in search.php. Im...

CVE-2005-3834

Cross-site scripting XSS vulnerability in search.php in Tunez 1.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter...

CVE-2005-3814

CVE-2005-3814 affects SmartPPC Pro with multiple XSS flaws accessible through the username parameter in directory.php, frames.php, and search.php. The PT-2005-4562 entry confirms the vulnerabilities, noting no specific affected versions and indicating that a fix/version with patches is not listed...

Amazon Shop 5.0.0 XSS vuln.

Amazon Shop 5.0.0 XSS vuln. Vuln. dicovered by : r0t Date: 26 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/amazon-shop-500-xss-vuln.html Vendor:http://www.ghostscripter.com/amazonshop.php affected version:5.0.0 and prior Product description: With Amazon Shop you can run your ver...