134 matches found
CVE-2006-6600
Cross-site scripting XSS vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609...
CVE-2006-6272
Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2006-6272
Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2006-6273
spindex.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message...
CVE-2006-6272
Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2006-5419
PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database SID, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2006-0235
The CVE-2006-0235 entry describes an SQL injection vulnerability in WhiteAlbum 2.5, exploitable remotely via the dir parameter to pictures.php. The affected component is WhiteAlbum 2.5, with root cause being an SQL injection that allows attackers to run arbitrary SQL commands. The NVD metrics rat...
CVE-2006-0112
Cross-site scripting XSS vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
Directory traversal
Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote attackers to view arbitrary directory contents via a .. dot dot in the dir parameter...
CVE-2004-2308
Cross-site scripting XSS vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html...
CVE-2003-1146
Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2003-1146
Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...
CVE-2002-0434
The CVE-2002-0434 issue centers on the directory.php script by Marcus S. Xenakis, which allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. Connected sources (OpenVAS NASL and Tenable plugin) confirm a remote command-execution vulnerability in the ...