CVE-2008-0391

The CVE-2008-0391 entry concerns inc/elementz.php in aliTalk 1.9.1.1, where authentication verification is flawed, enabling remote attackers to add an arbitrary user account by tampering with the lilil parameter alongside ubild and pa. The vulnerability enables partial confidentiality, integrity,...

CVE-2006-2344

SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter...

CVE-2006-2344

The CVE-2006-2344 issue affects AliPAGER 1.5, with a SQL injection in inc/elementz.php via the ubild parameter when magic_quotes_gpc is disabled. Root cause is improper input handling enabling arbitrary SQL execution. Impact per available data: partial confidentiality and partial integrity; no av...

CVE-2006-2345

CVE-2006-2345 describes a cross-site scripting (XSS) vulnerability in the AliPAGER 1.5 product, specifically in the file inc/elementz.php. The issue allows remote attackers to inject arbitrary web script or HTML through the ubild parameter. The description notes the provenance is from third‑party...