Default credentials

Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter...

CVE-2006-2947

Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the 1 start parameter in a index.php; 2 forumID parameter in index.php, b newtopic.php, and c reply.php; and 3 ID parameter to d edit.php...

CVE-2006-2757

Cross-site scripting XSS vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the 1 start parameter in a index.php; 2 forumID parameter in index.php, b newtopic.php, and c reply.php; and 3 ID parameter to d edit.php...

CVE-2006-2757

Cross-site scripting XSS vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the 1 start parameter in a index.php; 2 forumID parameter in index.php, b newtopic.php, and c reply.php; and 3 ID parameter to d edit.php...

Sql injection

SQL injection vulnerability in @1 File Store 2006.03.07 allows remote attackers to execute arbitrary SQL commands via the id parameter to 1 functions.php and 2 user.php in the libs directory, 3 edit.php and 4 delete.php in control/files/, 5 edit.php and 6 delete.php in control/users/, 7 edit.php,...

CVE-2005-4225

Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote attackers to execute arbitrary SQL commands via 1 the category parameter in add.php, 2 the catdesc parameter in addcat.php, 3 the level and user parameters in adduser.php, 4 the postid parameter in...

CVE-2005-3698

PHP Easy Download allows remote attackers to bypass authentication via edit.php...

CVE-2005-3698

PHP Easy Download (CVE-2005-3698) allows remote attackers to bypass authentication via edit.php. The connected sources (NVD, Red Hat advisory, CVE List) confirm an access-control weakness at the edit.php entry point, enabling unauthorized access. No specific exploitation details, affected version...

CVE-2005-2112

Multiple cross-site scripting XSS vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 order parameter to edit.php or 2 cid parameter to commentedit.php...

CVE-2005-0841

SQL injection vulnerability in 1 people.php, 2 track.php, 3 edit.php, 4 document.php, 5 census.php, 6 passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via 1 the person parameter to people.php or 2 the Login...

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

Multiple XSS Vulnerabilities in Wordpress 1.2

Vendor : Wordpress URL : http://wordpress.org/ Version : Wordpress 1.2 Risk : XSS Description: WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability. ... Go to http://wordpress.org/ for detailed information. Cross Site...