EUVD-2008-2407

Malware in sbrugna...

CVE-2008-2413

Cross-site scripting XSS vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

Sql injection

SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-2413

Cross-site scripting XSS vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2008-2413

CVE-2008-2413 affects ACGV News 0.9.1 in the glossaire.php component, where the id parameter is reflected without proper sanitization, enabling cross-site scripting (XSS) by remote attackers. The provided descriptions consistently identify a user-controllable id parameter as the trigger, yielding...

CVE-2008-2412

CVE-2008-2412 is a SQL injection vulnerability in the PHP file glossaire.php of ACGV News 0.9.1 . The vulnerability allows remote attackers to execute arbitrary SQL commands via the id parameter, as described in multiple sources (NVD/NIST) with a CVSS v2 base score of 7.5 (HIGH). The core issue i...

CVE-2008-2412

SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...

ACGV News 0.9.1 - glossaire.php?id Cross-Site Scripting

ACGV News 0.9.1 - glossaire.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/29253/info ACGV News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...