40 matches found
EUVD-2009-3418
Malware in sbrugna...
EUVD-2004-1582
Malware in sbrugna...
EUVD-2007-0823
Malware in sbrugna...
CVE-2005-1570
forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability...
CVE-2005-4256
Cross-site scripting XSS vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forumtitle parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition, its accuracy is in...
MaxWebPortal 1.365 'forum.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36480/info MaxWebPortal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
Sql injection
SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPICID parameter...
CVE-2012-5313
CVE-2012-5313 describes an SQL injection in the Snitz Forums 2000 product, specifically in forum.asp via the TOPIC_ID parameter. This allows remote attackers to manipulate SQL commands, potentially exposing or altering data. The vulnerability is tied to the Web application’s handling of TOPIC_ID ...
Snitz Communications SQL Injection
Title: ====== Snitz Communications 2010/11 - SQL Injection Vulnerability Date: ===== 2012-01-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=384 VL-ID: ===== 384 Introduction: ============= Snitz Forums 2000, one of the best ASP based bulletin board systems on the...
Snitz Communications 2010/11 - SQL Injection Vulnerability
Document Title: =============== Snitz Communications 2010/11 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=384 Release Date: ============= 2012-01-17 Vulnerability Laboratory ID VL-ID: ====================================...
Snitz Communications 2010/11 - SQL Injection Vulnerability
Document Title: =============== Snitz Communications 2010/11 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=384 Release Date: ============= 2012-01-17 Vulnerability Laboratory ID VL-ID: ====================================...
BlogWorx Blog v1.0 XSS Vulnerability
No description provided by source. ------------------- header data start ------------------- BlogWorx Blog Xss Vulnerability Author : Cyber945 Home : Ar-ge.Org Greetz : D3xer and All Ar-ge.Org Members Not3 : Ar-ge.Org Online Name : BlogWorx Blog Xss Bug Type : Xss Infection : Adminin bilgileri...
CVE-2009-3436
CVE-2009-3436 concerns the MaxWebPortal ASP application. The vulnerability is a SQL injection in the forum.asp script accessible via the parameters FORUM_ID or CAT_ID , allowing remote attackers to execute arbitrary SQL commands. This mirrors related disclosures (e.g., CVE-2005-1417) and is corro...
Maxwebportal 1.365 - forum.asp SQL Injection
Maxwebportal 1.365 - forum.asp SQL Injection source: https://www.securityfocus.com/bid/36480/info MaxWebPortal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Sql injection
SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the iFor parameter...
Sql injection
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...
CVE-2008-5192
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...
CVE-2008-5192
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...
CVE-2008-5192
CVE-2008-5192 concerns a SQL injection vulnerability in forum.asp of W1L3D4 Philboard versions 1.14 and 1.2, exploitable via the forumid parameter. The root cause is an unsafely handled input for forumid that allows arbitrary SQL execution by an attacker. Connected records corroborate the vulnera...
DUdForum 3.0 (forum.asp iFor) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ DUdForum 3.0 forum.asp iFor Remote SQL Injection Vulnerability ================================================================ + Script Name : DUdForum 3.0 Rem0te SQL...