CVE-2006-3474

Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to a gbrowse.php, 2 cardid parameter to b rating.php and c create.php, and the 3 eventid parameter to d search.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Belchior Foundry vCard 2.9 allow remote attackers to inject arbitrary web script or HTML via the page parameter in 1 toprated.php and 2 newcards.php. NOTE: the cardid vector is already covered by CVE-2006-1230...

CVE-2006-2810

Multiple cross-site scripting XSS vulnerabilities in Belchior Foundry vCard 2.9 allow remote attackers to inject arbitrary web script or HTML via the page parameter in 1 toprated.php and 2 newcards.php. NOTE: the cardid vector is already covered by CVE-2006-1230...

CVE-2006-2810

Multiple cross-site scripting XSS vulnerabilities in Belchior Foundry vCard 2.9 allow remote attackers to inject arbitrary web script or HTML via the page parameter in 1 toprated.php and 2 newcards.php. NOTE: the cardid vector is already covered by CVE-2006-1230...

CVE-2006-1230

Multiple cross-site scripting XSS vulnerabilities in create.php in vCard 2.x allow remote attackers to inject arbitrary web script or HTML via the 1 cardid, 2 uploaded, 3 cardfontsize, or 4 cardcolor parameter. NOTE: the cardid vector was later reported to affect vCard 2.9, and the uploaded vecto...