32 matches found
CVE-2011-5109
CVE-2011-5109 describes multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to (1) category_list.php, (2) Copy_of_calendar_list.php, (3) customer_s...
CVE-2011-5110
Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 authorslist.php, 2 blogslist.php, 3 categorylist.php, 4 commentslist.php, 5 policylist.php, 6 ratelist.php, 7...
CVE-2011-4672
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...
Sql injection
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...
CVE-2011-4672
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...
Sql injection
Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to 1 UserViewlist.php, 2 orderslist.php, 3 userslist.php, and 4 Administratorlist.php...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== PHPRunner 4.2 SearchOption Blind SQL Injection Vulnerability ==============================================================...
PHPRunner 4.2 SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
Cross site scripting
Cross-site scripting XSS vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1567
Cross-site scripting XSS vulnerability in searchresults.asp in SiteSearch Indexer 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchField parameter...
CVE-2005-4487
Cross-site scripting XSS vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter...
CVE-2005-4487
Cross-site scripting XSS vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter...