16 matches found
EUVD-2006-2536
Malware in sbrugna...
EUVD-2006-2584
Malware in sbrugna...
EUVD-2006-2534
Malware in sbrugna...
EUVD-2006-2535
Malware in sbrugna...
CVE-2006-2585
SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-2585
SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-2585
The connected records confirm a SQL injection vulnerability in Destiney Links Script 2.1.2, exploitable via the ID parameter. Affected component: the script’s interaction with a database (unsafely concatenated/handled SQL). Root cause: lack of input sanitization/parameterization for the ID value ...
CVE-2006-2534
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote attackers to obtain the installation path via a direct URL to files in the 1 include and 2 themes/original directories...
Cross site scripting
Cross-site scripting XSS vulnerability in Destiney Links Script 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the 1 "Search" term parameter in index.php and 2 "Add a Site" add.php fields...
CVE-2006-2534
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote attackers to obtain the installation path via a direct URL to files in the 1 include and 2 themes/original directories...
CVE-2006-2535
index.php in Destiney Links Script 2.1.2 allows remote attackers to obtain the installation path via an invalid show parameter referencing a non-existent file, which reveals the path in the resulting error message. NOTE: this issue might be resultant from a more serious issue such as directory...
CVE-2006-2535
CVE-2006-2535 affects the Destiney Links Script 2.1.2. The vulnerable component is index.php, where an invalid show parameter referencing a non-existent file leads to an error message that reveals the installation path. The notes suggest this could be related to a broader directory traversal issu...
CVE-2006-2536
Cross-site scripting XSS vulnerability in Destiney Links Script 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the 1 "Search" term parameter in index.php and 2 "Add a Site" add.php fields...
CVE-2006-2536
CVE-2006-2536 is a cross-site scripting (XSS) vulnerability in Destiny Links Script 2.1.2. The flaw allows remote attackers to inject arbitrary web script or HTML via the Search term parameter in index.php and the Add a Site field in add.php. Public records (NVD/NVDR) show a base score of 5.8 (Me...
CVE-2006-2534
Destiny Links Script 2.1.2 is vulnerable to information disclosure: remote attackers can obtain the installation path by direct URLs to files under include and themes/original. The issue stems from inadequate protection of library/support files. No exploit details or remediation are provided in t...