26 matches found
CVE-2010-2723
CVE-2010-2723 describes a Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 that allows remote attackers to inject arbitrary web script or HTML via the T parameter. Affected software is LISTSERV 15 and LISTSERV 16; the underlying issue is an input handling flaw enabling script inject...
Directory traversal
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// dot dot slash slash in the t parameter...
HIS-Webshop (his-webshop.pl t) Remote File Disclosure Vulnerability
Exploit for cgi platform in category web applications =================================================================== HIS-Webshop his-webshop.pl t Remote File Disclosure Vulnerability =================================================================== HIS-Webshop is a shopping-system written ...
CVE-2006-3036
Multiple cross-site scripting XSS vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the 1 imgdir parameter in a index.php, and the 2 w, 3 h, and 4 t parameters in b popup.php...
CVE-2006-1669
The CVE-2006-1669 entry documents a SQL injection in phpHeaven Team PHPMyChat 0.14.5 and earlier, exploitable via the T parameter in chat/messagesL.php3. The underlying issue allows remote command execution as the username is later processed in an eval() call, and the username originates from the...
PT-2005-4308 · Vubb · Vubb
Name of the Vulnerable Software and Affected Versions: VUBB alpha version rc1 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the t parameter in a "newreply" action. This can occur in the index.php file. Recommendations: F...