225 matches found
MiniNuke 2.1 - uid SQL Injection
MiniNuke 2.1 - uid SQL Injection MiniNuke v2.1 forum SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] DORK 1 : allinurl:"members.asp?action" DORK 2 : allinurl: "members.asp"uid EXAMPLE= members.asp?action=memberdetails&uid=SQL exploi...
Sql injection
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter...
CVE-2008-0089
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter...
CVE-2008-0089
CVE-2008-0089 is a SQL injection flaw in ClipShare’s uprofile.php that can be exploited remotely via the UID parameter to execute arbitrary SQL. Affected: ClipShare (uprofile.php). Root cause: improper input handling leading to SQL injection. Impact per NVD: partial confidentiality, integrity, an...
CVE-2007-5692
Multiple cross-site scripting XSS vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to integrator.php; 2 the token parameter in a New Password action, 3 the nidacl parameter in a Folder Properties action, or 4 the uid parameter...
CVE-2007-5692
Multiple cross-site scripting XSS vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to integrator.php; 2 the token parameter in a New Password action, 3 the nidacl parameter in a Folder Properties action, or 4 the uid parameter...
CVE-2006-4667
Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 uid parameter in a class/sessions.class.php, and the 2 timezoneoffset and 3 umode parameters in b class/xoopsuser.php...
CVE-2006-4667
CVE-2006-4667 concerns RunCMS 1.4.1, where multiple SQL injection flaws allow remote attackers to inject arbitrary SQL via (1) uid in class/sessions.class.php and (2) timezone_offset and (3) umode in class/xoopsuser.php. The NVD entry documents these specific parameters as the attack surface, wit...
CVE-2006-3182
Directory traversal vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the uid parameter in the rss page...
CVE-2006-2974
Multiple cross-site scripting XSS vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errCode and 2 uid parameter in a default.asp and 3 dname parameter in b /admin/dns.asp and c /additional/regdomaindone.asp...
Sql injection
Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...
CVE-2006-0832
Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...
CVE-2006-0651
SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page...
Sql injection
SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page...
CVE-2006-0651
SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page...
CVE-2006-0651
CVE-2006-0651 describes a SQL injection vulnerability in the vwdev application, where the UID parameter in index.php allows remote attackers to execute arbitrary SQL commands. The issue is rooted in improper input handling in the affected page, enabling an attacker with network access (no authent...
CVE-2005-4170
SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php...
CVE-2005-4170
An SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands through the uid parameter to viewuser.php. This CVE-2005-4170 (NVD entry) has a base score of 7.5 (HIGH) with NETWORK access, LOW complexity, no authentication, and partial impacts on confiden...
CVE-2005-2697
SQL injection vulnerability in search.php for MyBulletinBoard MyBB 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282...
CVE-2005-2697
SQL injection vulnerability in search.php for MyBulletinBoard MyBB 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282...