8 matches found
EUVD-2008-2407
Malware in sbrugna...
Sql injection
SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2413
Cross-site scripting XSS vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2008-2413
Cross-site scripting XSS vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2008-2412
SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2413
CVE-2008-2413 affects ACGV News 0.9.1 in the glossaire.php component, where the id parameter is reflected without proper sanitization, enabling cross-site scripting (XSS) by remote attackers. The provided descriptions consistently identify a user-controllable id parameter as the trigger, yielding...
CVE-2008-2412
CVE-2008-2412 is a SQL injection vulnerability in the PHP file glossaire.php of ACGV News 0.9.1 . The vulnerability allows remote attackers to execute arbitrary SQL commands via the id parameter, as described in multiple sources (NVD/NIST) with a CVSS v2 base score of 7.5 (HIGH). The core issue i...
ACGV News 0.9.1 - glossaire.php?id Cross-Site Scripting
ACGV News 0.9.1 - glossaire.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/29253/info ACGV News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...