PHPCMS V9 badword.php file SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in the PHPCMS V9 badword.php file, which allows attackers to exploit the vulnerability to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to 2 badword.asp,...

CVE-2007-0798

Multiple cross-site scripting XSS vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to 2 badword.asp,...

CrossSite Scripting @ Snitz Forums 2000

Description: The BadWord-Script-Filter can be tricked by adding the Tab-Char 0x09 into the script command. This may lead to CrossSite-Scripting. Exploit: imgjav asc ript:alert28document.cookie29/img Vendor: Has been contacted on 15. April. Patch: Available at...