149 matches found
SoftBiz Web Hosting Directory Script 1.1 email.php h_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...
Your Articles Directory Login Option SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39796/info Article Directory Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Web Directory Script <= 2.0 (name) SQL Injection Vulnerability
No description provided by source. Web Directory Script = 2.0 SQL Injection Vulnerability Author: !DoktOR! Contact: coder5attopmail.kz Home Page: www.antichat.ru Date found: 23.08.08 Product: Web Directory Script Version: 2.0 Download script:...
Kemana Directory 1.5.6 (run param) Local File Inclusion Vulnerability
No description provided by source. ? Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with...
Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility
No description provided by source. --==+================================================================================+==-- --==+ Prozilla Directory Script SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZ...
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features...
Kemana Directory 1.5.6 - task.php Local File Inclusion
Kemana Directory 1.5.6 - task.php Local File Inclusion Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or...
PHP weby directory software 1.2 - Multiple Vulnerabilities
PHP weby directory software 1.2 - Multiple Vulnerabilities =========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Power...
PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/57561/info The PHPWeby Free directory script is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may allow an attacker to compromise the application, access or modify data,...
PHPWeby Free Directory Script - contact.php Multiple SQL Injections
PHPWeby Free Directory Script - contact.php Multiple SQL Injections source: https://www.securityfocus.com/bid/57561/info The PHPWeby Free directory script is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may all...
CVE-2010-4905
SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...
CVE-2010-4905
SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...
CVE-2010-4905
CVE-2010-4905 : The vulnerability is a SQL injection in the Softbiz Article Directory Script, specifically in the file/article_details.php, exploitable via the sbiz_id parameter. The issue allows remote attackers to execute arbitrary SQL commands and is rated HIGH (CVSS v2 base score 7.5). Affect...
Softbiz Article Directory Script - 'sbiz_id' Blind SQL Injection
=========================================================== Title: Article Directory sbizid Blind SQL Injection Vuln Script: Article Directory Price: $65 Link: http://www.softbizscripts.com/article-management-script.php =========================================================== Author: BorN To...
CVE-2009-4864
Multiple cross-site scripting XSS vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from third party informati...
Sql injection
Multiple SQL injection vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from thi...
CVE-2009-4865
Multiple SQL injection vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from thi...
CVE-2009-4864
CVE-2009-4864 affects the I-Escorts Directory Script and Agency Script (escorts_search.php). The issue is reflected cross-site scripting (XSS) via the parameters (1) search_name and (2) languages, enabling an attacker to inject arbitrary script/HTML in the browser. Public sources corroborate XSS ...
CVE-2009-4865
CVE-2009-4865 affects the I-Escorts Directory Script and Agency Script, where multiple SQL injection flaws exist in escorts_search.php when magic_quotes_gpc is disabled. The vulnerability allows remote attackers to inject arbitrary SQL via the 1) search_name and 2) languages parameters. Root caus...
CVE-2009-4864
Multiple cross-site scripting XSS vulnerabilities in escortssearch.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the 1 searchname and 2 languages parameters. NOTE: some of these details are obtained from third party informati...