11 matches found
EUVD-2006-4594
Malware in sbrugna...
CVE-2006-4607
admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the IDADMIN and SUPERADMIN parameters to 1...
CVE-2006-4606
Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the 1 idtemas parameter in busquedatema.php, the 2 cadena parameter in busqueda.php, the 3 idautor parameter in autor.php, the 4 email parameter in lista.php, an...
CVE-2006-4608
Multiple cross-site scripting XSS vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cadena parameter in busqueda.php and the 2 email parameter in lista.php...
CVE-2006-4605
PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter...
CVE-2006-4607
admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the IDADMIN and SUPERADMIN parameters to 1...
CVE-2006-4606
Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the 1 idtemas parameter in busquedatema.php, the 2 cadena parameter in busqueda.php, the 3 idautor parameter in autor.php, the 4 email parameter in lista.php, an...
CVE-2006-4608
Multiple cross-site scripting XSS vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cadena parameter in busqueda.php and the 2 email parameter in lista.php...
CVE-2006-4608
CVE-2006-4608 affects Longino Jacome php-Revista 1.1.2 with two XSS vulnerabilities: an injected script/HTML via the cadena parameter in busqueda.php and via the email parameter in lista.php. The description explicitly states remote attackers can inject arbitrary script, implying client-side scri...
CVE-2006-4606
CVE-2006-4606 affects Longino Jacome’s php-Revista 1.1.2. The vulnerability involves multiple SQL injection flaws in five parameters across different PHP scripts: (1) id_temas in busqueda_tema.php, (2) cadena in busqueda.php, (3) id_autor in autor.php, (4) email in lista.php, and (5) id_articulo ...
CVE-2006-4607
CVE-2006-4607 affects Longino Jacome php-Revista 1.1.2. The vulnerability is in admin/index.php, where remote attackers can bypass authentication by setting ID_ADMIN and SUPER_ADMIN to 1. The NVD entry documents an authentication bypass with this parameter manipulation. No explicit remediation is...