CVE-2008-6033

SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-6033

The CVE-2008-6033 entry describes a SQL injection in WSN Links 2.20 within comments.php, exploitable via the id parameter to allow remote attackers to execute arbitrary SQL commands. The affected component is the comments.php handling in WSN Links 2.20; root cause is unsanitized input leading to ...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configinstalldir parameter to 1 search.php, 2 archive.php, 3 comments.php, and 4 news.php; 5 News.php, 6 SendFriend.php, 7...

Lito Lite CMS Multiple Cross Site Scripting / Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================================= Lito Lite CMS Multiple Cross Site Scripting / Blind SQL Injection Exploit =========================================================================...

PhpWebGallery comments.php sort_by Parameter SQL Injection

The remote host is running PhpWebGallery, an open source photo gallery application written in PHP. The installed version of PhpWebGallery fails to sanitize user-supplied input to the 'sortby' parameter of the 'comments.php' script before using it in a database query. Regardless of PHP's...

CVE-2008-4346

Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to comments.php, a different vector than CVE-2008-3371...

Directory traversal

Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to comments.php, a different vector than CVE-2008-3371...

CVE-2008-4346

Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to comments.php, a different vector than CVE-2008-3371...

WSN Links 2.20 - comments.php SQL Injection

WSN Links 2.20 - comments.php SQL Injection WSN Links 2.20 comments.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected]...

wsnlinksvote-sql.txt

1 WSN Links 2.23 AND 2.22 vote.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected] ----------------------------------------------------------- Greetz tO:-...

WSN Links 2.20 (comments.php) SQL Injection Vulnerability

No description provided by source. WSN Links 2.20 comments.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected]...

wsnlinkscomments-sql.txt

WSN Links 2.20 comments.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected] ----------------------------------------------------------- Greetz tO:-...

WSN Links 2.20 - 'comments.php' SQL Injection

WSN Links 2.20 comments.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected] ----------------------------------------------------------- Greetz tO:-...

Sql injection

SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script aka ZeeReviews allows remote attackers to execute arbitrary SQL commands via the ItemID parameter...

Sql injection

Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 eid parameter to comments.php, 2 cid parameter to index.php, and the 3 urltitle parameter to entries.php...

zeereviews-sql.txt

Viva IslaM Viva IslaM Remote SQL Injection Vulnerability ZeeReviews comments.php ItemID http://www.zeescripts.com AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...

ZeeReviews (comments.php ItemID) Remote SQL Injection Vulnerability

No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability ZeeReviews comments.php ItemID http://www.zeescripts.com AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...

ZeeReviews (comments.php ItemID) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== ZeeReviews comments.php ItemID Remote SQL Injection Vulnerability =================================================================== Viva IslaM Viva IslaM Remote SQL...

Chipmunk Blog - 'comments.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29883/info Chipmunk Blog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...