Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to 1 AddPost.asp, 2 AddTopic.asp, 3 AdminDefault.asp, 4 Bank.asp, 5 Manage.asp, and 6 ShowPost.asp. NOTE: the provenance of this information i...

CVE-2006-2302

SQL injection vulnerability in admindefault.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands via the 1 Login or 2 password field...

Sql injection

SQL injection vulnerability in admindefault.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands via the 1 Login or 2 password field...

Sql injection

SQL injection vulnerability in admindefault.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the 1 Login or 2 password fields...

CVE-2006-2301

The CVE-2006-2301 entry concerns a SQL injection vulnerability in OzzyWork Galeri’s admin_default.asp, exploitable via the (1) Login or (2) password fields. The underlying flaw is unsafely constructed SQL queries that allow remote attackers to inject arbitrary SQL commands. Related records confir...

CVE-2006-2302

A CVE-2006-2302 entry describes a SQL injection vulnerability in DUGallery 2.x, specifically in admin_default.asp, exploitable via the (1) Login or (2) password fields. The underlying cause is improper input handling that allows remote attackers to execute arbitrary SQL commands. The NVD metrics ...

CVE-2006-2301

SQL injection vulnerability in admindefault.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the 1 Login or 2 password fields...