6 matches found
CVE-2009-4864
Multiple cross-site scripting XSS vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from third party informati...
Sql injection
Multiple SQL injection vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from thi...
CVE-2009-4865
CVE-2009-4865 affects the I-Escorts Directory Script and Agency Script, where multiple SQL injection flaws exist in escorts_search.php when magic_quotes_gpc is disabled. The vulnerability allows remote attackers to inject arbitrary SQL via the 1) search_name and 2) languages parameters. Root caus...
CVE-2009-4864
CVE-2009-4864 affects the I-Escorts Directory Script and Agency Script (escorts_search.php). The issue is reflected cross-site scripting (XSS) via the parameters (1) search_name and (2) languages, enabling an attacker to inject arbitrary script/HTML in the browser. Public sources corroborate XSS ...
CVE-2009-4865
Multiple SQL injection vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from thi...
CVE-2009-4864
Multiple cross-site scripting XSS vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from third party informati...