EUVD-2010-1875

Malware in sbrugna...

EUVD-2010-1298

Malware in sbrugna...

Sql injection

SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the idauk parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the idauk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; th...

CVE-2010-1854

CVE-2010-1854 concerns an XSS in auktion.php of Pay Per Watch & Bid Auktions System, exploitable through the id_auk parameter, where an injected script/HTML appears in a forced SQL error message. Related records (NVD/Red Hat) confirm this vulnerability and its association to CVE-2010-1855 (SQL in...

CVE-2010-1855

SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the idauk parameter...

CVE-2010-1855

CVE-2010-1855 is a SQL injection vulnerability in the Pay Per Watch & Bid Auktions System, specifically in auktion.php where the id_auk parameter can be manipulated to execute arbitrary SQL commands. The vulnerability is documented in the NVD entry for CVE-2010-1855 and is corroborated by multipl...

Sql injection

SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the idauk parameter...

CVE-2010-1270

CVE-2010-1270 describes a SQL injection vulnerability in auktion.php of Multi Auktions Komplett System 2. The vulnerability allows remote attackers to execute arbitrary SQL commands by supplying a crafted id_auk parameter. Impact stated in the document set is risk of partial confidentiality/integ...