248 matches found
CVE-2009-3499
SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter...
CVE-2009-3499
SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter...
CVE-2009-3187
Cross-site scripting XSS vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
Sql injection
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
Cross site scripting
Cross-site scripting XSS vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to 1 rss.php and 2 opml.php...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
Sql injection
SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate URA 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter...
CVE-2009-2780
Multiple cross-site scripting XSS vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to category.php, view parameter to 2 login.php and 3 viewlisting.php, page parameter to 4 searchresults.php and 5 toplistings.php, and 6...
Sql injection
SQL injection vulnerability in directory.php in Scripts For Sites SFS EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter...
Sql injection
SQL injection vulnerability in viewfaqs.php in Scripts for Sites SFS EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter...
Sql injection
SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a show action...
CVE-2008-6064
Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors...
Sql injection
Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors...
PT-2009-2988 · Ninja · Ninja Blog
Name of the Vulnerable Software and Affected Versions: Ninja Blog version 4.8 Description: The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the entries/index.php file when magic quotes gpc is disabled. This is achieved by using a .. dot dot i...
CVE-2009-0299
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter...
CVE-2008-5923
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter...
Sql injection
SQL injection vulnerability in diaryviewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-5924
SQL injection vulnerability in diaryviewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...