Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in OpenText ECM formerly Livelink ECM 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 viewType and 2 sort parameters in a browse action to livelink/livelink; and the 3 nodeid, 4 setctx, and 5 support parameters to...

CVE-2010-5282

Multiple cross-site scripting XSS vulnerabilities in OpenText ECM formerly Livelink ECM 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 viewType and 2 sort parameters in a browse action to livelink/livelink; and the 3 nodeid, 4 setctx, and 5 support parameters to...

DEBIAN-CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

PT-2012-1692

Name of the Vulnerable Software and Affected Versions: BackupPC versions prior to 3.2.1 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to "index.cgi". Recommendations: For versions prior to 3.2....

SnowCade 3.0 - SQL Injection

SnowCade 3.0 - SQL Injection / - SnowCade v3 SQL Injection Vulnerability - ---Date : 2010-06-19 ---Author : ahwak2000 ---Email : z.u5athotmail.com - Script Info - ---Home : http://www.arcadecreate.com/ - Vulnerability - http://site.com/path/index.php?action=browse&cat=SQL INj...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in iDevCart 1.09 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter in a browse action...

CVE-2009-3973

SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...

CVE-2009-3973

The CVE relates to a SQL injection in index.php of Turnkey Arcade Script. The vulnerability is triggered via the id parameter in actions (play or browse) and allows remote attackers to execute arbitrary SQL commands, reflecting a classic server-side injectable vector. The connected data confirms ...

Allomani 2007 SQL Injection

================== NaMe: allomani 2007 = SQL Injection Vulnerability Author : NeX HackEr Contact: [email protected] ================== Script site : http://allomani.com ================== ExplOiT: UserName http://www.xxx.com/path/index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT username,2,3...

Sql injection

SQL injection vulnerability in functions/browse.php in Ganesha Digital Library GDL 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php...

CVE-2009-0965

SQL injection vulnerability in functions/browse.php in Ganesha Digital Library GDL 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php...

Sql injection

SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action...

CVE-2008-6468

SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action...

CVE-2008-6468

CVE-2008-6468 affects Diesel Pay: SQL injection in index.php via the area parameter in a browse action. Root cause is improper input handling in that parameter, enabling remote attackers to potentially execute arbitrary SQL commands. The vulnerability is rated CVSS v2 base score 7.5 (HIGH) with n...

CVE-2008-3711

SQL injection vulnerability in index.php in PHPArcadeScript PHP Arcade Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action...

CVE-2008-3383

SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cata parameter in a browse action...

Cross site scripting

Cross-site scripting XSS vulnerability in dir.php in milliscripts Redirection allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a browse action...

CVE-2007-6641

Cross-site scripting XSS vulnerability in dir.php in milliscripts Redirection allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a browse action...

CVE-2007-6641

CVE-2007-6641 is an XSS vulnerability in milliscripts Redirection, affecting dir.php where an attacker can inject arbitrary script/HTML by supplying the cat parameter in a browse action. The NVD entry lists a medium severity (CVSS v2: AV:N/AC:M/Au:N/C:N/I:P/A:N, base score 4.3). No exploitation d...

CVE-2007-5131

SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected...