7210 matches found
MercuryBoard 1.1 - index.php SQL Injection
MercuryBoard 1.1 - index.php SQL Injection source: https://www.securityfocus.com/bid/12503/info MercuryBoard is affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input before being used in SQL queries. The vulnerability is...
MercuryBoard 1.1 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/12503/info MercuryBoard is affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input before being used in SQL queries. The vulnerability is reported to affect the 'index.php' script...
CVE-2005-0217
CVE-2005-0217 affects Invision Community Blog (index.php) with the eid parameter vulnerable to SQL injection. Root cause: unsanitized input in a database query via eid. Impact: partial disclosure/integrity/availability per NVD metrics. Exploitation: remote attackers can execute arbitrary SQL comm...
Sunshop < 3.4RC2 index.php search Parameter XSS
Binary data 2590.prm...
CVE-2004-1911
Cross-site scripting XSS vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 l parameter aka language variable to index.php or 2 id parameter to view.php...
CVE-2004-2511
Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...
CVE-2004-1384
Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...
CVE-2004-2222
Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter...
CVE-2004-1413
Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the 1 subcat, 2 rate, 3 questiondetails, 4 ticketkey22, 5 email22 parameters to index.php, or 6 the e-mail field of the Forgot Key feature...
CVE-2004-1746
Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...
PHProxy index.php error Parameter XSS
Binary data 2480.prm...
CVE-2004-1213
The CVE-2004-1213 entry concerns an XSS vulnerability in the index.php of Advanced Guestbook versions 2.3.1, 2.2, and potentially other releases. The issue allows remote attackers to inject arbitrary web scripts or HTML via the entry parameter. The description provided with the CVE states the vul...
Brooky CubeCart < 2.0.2 index.php cat_id Parameter SQL Injection
Binary data 2431.prm...
PowerPortal index.php index_page Parameter SQL Injection
Binary data 2409.prm...
miniBB < 1.7f index.php user Parameter SQL Injection
Binary data 2407.prm...
CVE-2004-1692
Cross-site scripting XSS vulnerability in index.php in Mambo 4.5 1.0.9 allows remote attackers to inject arbitrary web script or HTML via the 1 Itemid, 2 mosmsg, or 3 limit parameters...
PSNews v1.1 index.php Multiple Parameter XSS
Binary data 2266.prm...
CuteNews index.php mod Parameter XSS
The version of CuteNews installed on the remote host is vulnerable to a cross-site scripting XSS attack. An attacker, exploiting this flaw, would need to be able to coerce a user to browse to a purposefully malicious URI. Upon successful exploitation, the attacker would be able to run code within...
CVE-2002-1560
CVE-2002-1560 affects gBook 1.4, where an issue in index.php allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. The available documents describe the flaw as an authentication bypass with full admin access, but they do not pr...
PHP Code Snippet Library 'index.php' XSS
Binary data 2149.prm...