SiteBeater News 4.0 Archive.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15697/info SiteBeater News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

Sql injection

DISPUTED Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the 1 Forum and 2 pages parameter. NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL...

PT-2006-1725 · Ga · Ga'S Forum Light

Name of the Vulnerable Software and Affected Versions: GA's Forum Light affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the Forum and pages parameters in the archive.asp file. However, the vendor has disputed this issue, stating...

CVE-2005-4000

Cross-site scripting XSS vulnerability in archive.asp in SiteBeater News System 4.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the sKeywords parameter...

CVE-2005-4000

CVE-2005-4000 describes a Cross-site scripting (XSS) vulnerability in the SiteBeater News System (archive.asp) ≤ 4.00, exploitable remotely via the sKeywords parameter. The provided sources state that an attacker can inject arbitrary web script or HTML, leading to potential user session or page c...