5 matches found
AnnonceScriptHP 2.0 admin/admin_config/Aide.php email Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21514/info AnnonceScriptHP is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
CVE-2006-6478
Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in a email.php, the 2 no parameter in b voirannonce.php, the 3 idmembre parameter in c admin/adminmembre/fichemembre.php, and the 4 idannonce parameter in ...
CVE-2006-6478
Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in a email.php, the 2 no parameter in b voirannonce.php, the 3 idmembre parameter in c admin/adminmembre/fichemembre.php, and the 4 idannonce parameter in ...
CVE-2006-6480
CVE-2006-6480 affects AnnonceScriptHP 2.0. The vulnerability is in admin/admin_membre/fiche_membre.php, where the idmembre parameter allows remote attackers to obtain sensitive information, specifically passwords for arbitrary users. The provided sources confirm the affected component and the dat...
CVE-2006-6479
CVE-2006-6479 documents multiple XSS flaws in AnnonceScriptHP 2.0, allowing remote attackers to inject arbitrary script or HTML via the email parameter. Affected files are: erreurinscription.php, Templates/admin.dwt.php, Templates/commun.dwt.php, membre.dwt.php, and admin/admin_config/Aide.php. T...