248 matches found
CVE-2005-1810
SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $catID variable, as demonstrated using the cat parameter to index.php...
CVE-2005-1196
SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter...
CVE-2005-0914
Multiple cross-site scripting XSS vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the profile parameter to index.php or 2 the cat parameter...
CVE-2005-0914
Multiple cross-site scripting XSS vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the profile parameter to index.php or 2 the cat parameter...
CVE-2004-1553
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via 1 the username field on the login page or 2 the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName paramet...
CVE-2004-2510
Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2004-2509
Cross-site scripting XSS vulnerabilities in 1 calendar.php, 2 login.php, and 3 online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2003-1231
Cross-site scripting XSS vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...