8 matches found
EUVD-2010-2445
Malware in sbrugna...
EUVD-2010-2446
Malware in sbrugna...
CVE-2010-2437
Cross-site scripting XSS vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php...
CVE-2010-2436
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO...
Sql injection
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO...
CVE-2010-2437
Cross-site scripting XSS vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php...
CVE-2010-2436
CVE-2010-2436 affects AneCMS Blog (likely v1.3 and earlier) via an SQL injection in modules/blog/index.php caused by improper handling of PATH_INFO. A remote attacker can craft a URL to execute arbitrary SQL commands on the database. Public references corroborate a path-based SQL injection in Ane...
CVE-2010-2437
CVE-2010-2437 is an XSS vulnerability in AneCMS Blog 1.3 (and possibly earlier) where user input in the comment field of modules/blog/index.php is not sanitized, allowing remote attackers to inject arbitrary HTML/JavaScript. The connected HTBridge advisory provides an exploitation example for the...