147 matches found
PHPWebThings 0.4.4 - 'forum.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15276/info phpWebThings is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...
CVE-2005-3394
Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 channel parameter in the topics module and 2 topic parameter in the posting module...
CVE-2005-3394
/* CVE-2005-3394 */ Summary: Multiple SQL injection vulnerabilities affect the oaboard forum 1.0 in the file/forum logic (forum.php). The two vulnerable parameters are the (1) channel parameter in the topics module and (2) the topic parameter in the posting module. What is affected: oaboard forum...
OaBoard 1.0 - forum.php Multiple SQL Injections
OaBoard 1.0 - forum.php Multiple SQL Injections source: https://www.securityfocus.com/bid/15245/info OaBoard is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation...
OaBoard 1.0 - 'forum.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/15245/info OaBoard is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application,...
CVE-2005-2430
Multiple cross-site scripting XSS vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 forumid or 2 groupid parameter to forum.php, 3 projecttaskid parameter to task.php, 4 id parameter to detail.php, 5 the text field on the search page, 6 groupid...
CVE-2005-0413
Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the fid in forum.php, 2 the member parameter in member.php, 3 the email parameter in forgot.php, or 4 the nbuser or nbpass parameters in include.php. NOTE: it was later reporte...