5 matches found
EUVD-2006-2146
Malware in sbrugna...
CVE-2006-2146
Multiple cross-site scripting XSS vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to inject arbitrary web script or HTML via the 1 postername, 2 posteremail, 3 posterhomepage, or 4 message parameter...
Sql injection
Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the 1 topic or 2 id parameter...
CVE-2006-2146
HB-NS (Harold Bakker’s NewsScript) 1.1.6 contains multiple cross-site scripting (XSS) vulnerabilities in index.php. The CVE-2006-2146 entry states remote attackers can inject arbitrary script/HTML via the (1) poster_name, (2) poster_email, (3) poster_homepage, or (4) message parameters. The NVD e...
CVE-2006-2145
In the provided documents, CVE-2006-2145 affects HB-NS 1.1.6 and relates to multiple SQL injection flaws in index.php that allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter. The NVD entry lists a CVSS v2 base score of 6.4 (Medium) with network attack v...