EUVD-2010-1630

Malware in sbrugna...

CVE-2024-12942

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/adminlogin.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack...

CVE-2024-12942 1000 Projects Portfolio Management System MCA admin_login.php sql injection

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/adminlogin.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack...

CVE-2024-41236

A SQL injection vulnerability in /smsa/adminlogin.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page...

CVE-2024-0726 Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scripting

A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file adminlogin.php of the component Admin Login Module. The manipulation of the argument msg with the input...

cambridge-fire.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-641563 Description| Value ---|--- Affected Website:| cambridge-fire.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

antronic.co.za XSS vulnerability

Open Bug Bounty ID: OBB-571757 Description| Value ---|--- Affected Website:| antronic.co.za Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2010-5039

SQL injection vulnerability in control/adminlogin.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter aka the UserName field. NOTE: some of these details are obtained from third party information...

CVE-2010-5039

SQL injection vulnerability in control/adminlogin.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter aka the UserName field. NOTE: some of these details are obtained from third party information...

CVE-2010-5039

CVE-2010-5039 affects ScriptsFeed Recipes Listing Portal 1.0, via control/admin_login.php, where the loginid parameter (UserName field) can be used to perform SQL injection. Root cause: improper input handling that allows arbitrary SQL execution. Impact: remote attackers could run arbitrary SQL c...

CVE-2010-1604

Multiple SQL injection vulnerabilities in adminlogin.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the 1 user parameter aka login field and 2 passwd parameter aka password field. NOTE: some of these details are obtained from third party information...

CVE-2010-1604

Multiple SQL injection vulnerabilities in adminlogin.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the 1 user parameter aka login field and 2 passwd parameter aka password field. NOTE: some of these details are obtained from third party information...

CVE-2010-1604

CVE-2010-1604 involves multiple SQL injection vulnerabilities in admin_login.php of the NCT Jobs Portal Script, allowing remote attackers to inject SQL via the login (user) and password (passwd) fields. The issue stems from unsafely constructed SQL queries in the login handling code, enabling arb...

CVE-2010-1367

CVE-2010-1367 describes multiple cross-site scripting (XSS) vulnerabilities in the admin/admin_login.php component of Uiga Fan Club, allowing remote attackers to inject arbitrary web script or HTML via the admin_name or admin_password parameters. The issue affects the login handling logic, enabli...

CVE-2010-1366

CVE-2010-1366 describes multiple SQL injection vulnerabilities in the admin_login.php of Uiga Fan Club 1.0 and earlier. The issue allows remote attackers to execute arbitrary SQL commands through the (1) admin_name and (2) admin_password parameters, with the affected component being the login han...

CVE-2010-1366

Multiple SQL injection vulnerabilities in admin/adminlogin.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 adminname and 2 adminpassword parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in adminlogin.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter...

CVE-2009-3714

Cross-site scripting XSS vulnerability in adminlogin.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter...

CVE-2009-3714

CVE-2009-3714 affects MCshoutbox 1.1; the XSS flaw is in admin_login.php and is exploitable by providing a crafted loginerror parameter to inject arbitrary scripts/HTML into the victim’s browser. The public documents describe the vulnerability type and affected component but do not specify a patc...

MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities

No description provided by source. + MCshoutbox 1.1 SQL/XSS/Shell Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org Homepage : http://www.maniacomputer.com/dload/MCshoutboxDownloadPage.html + SQL Injection Login Bypass - Note : magicquotesgpc =...