678 matches found
CVE-2005-4233
SQL injection vulnerability in advertiserstatistic.php in Ad Manager Pro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the adnumber parameter...
PHP Web Scripts Ad Manager Pro 2.0 - 'Advertiser_statistic.php' SQL Injection
source: https://www.securityfocus.com/bid/15847/info Ad Manager Pro is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
Ad Manager Pro SQL vuln.
Ad Manager Pro SQL vuln. Vuln. dicovered by : r0t Date: 14 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ad-manager-pro-sql-vuln.html vendor:www.phpwebscripts.com/admanagerpro/ affected version:2.0 and prior Product Description: Quality ad management system. Graphical or text-bas...
PHP Web Scripts Ad Manager Pro 2.0 - Advertiser_statistic.php SQL Injection
PHP Web Scripts Ad Manager Pro 2.0 - Advertiserstatistic.php SQL Injection source: https://www.securityfocus.com/bid/15847/info Ad Manager Pro is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in ...
CVE-2005-4037
CVE-2005-4037 affects Web4Future Affiliate Manager PRO 4.1 and earlier. The vulnerability is a SQL injection in functions.php reachable via the pid parameter, enabling remote SQL commands. CVSS metrics in the initial entry indicate base score 7.5 (HIGH) with network attack vector and low attack c...
CVE-2005-4037
SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2005-3320
Cross-site scripting XSS vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script...
CVE-2005-3320
CVE-2005-3320 describes a cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro, exploitable by supplying arbitrary script/HTML via the err parameter in the panel script. The NVD entry lists an XSS impact with a low base score (2.6) and metrics: AV:N/AC:H/Au:N/C:N/I:P/A:N, indic...
SiteTurn Domain Manager Pro - Admin Panel Cross-Site Scripting
source: https://www.securityfocus.com/bid/15186/info Domain Manager Pro is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
CYBSEC - PHPMailer Infinite Loop Denial of Service
CYBSEC S.A. www.cybsec.com Advisory Name: PHPMailer Infinite Loop Denial of Service ============== Vulnerability Class: Denial of Service ==================== Release Date: 05.27.2005 ============= Affected Applications: ====================== PHPMailer = 1.72 Affected Platforms:...
CVE-2005-1095
Cross-site scripting XSS vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter...
[HSC Security Group] Ocean12 Mailing List Manager Pro SQL injection
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: SQL injection : Ocean12 Mailing list manager PRO 1.06 Vendor: www.ocean12scripts.com Risk: High An sql injection allows anyone to login as admin using this sql query in the login panel: Adminid: Admin' UNI...
ocean12_xss_and_sql_inj.txt
Content-type: Multipart/Alternative; boundary="Alt-Boundary-17843.14003556" --Alt-Boundary-17843.14003556 Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: Ocean12 Membership Manager Pro : XSS and Sql injection Risk: High Date: 5/04/2005 Vendor:...
CVE-2005-1095
CVE-2005-1095 affects Ocean12 Membership Manager Pro 1.x; the vulnerability is a reflected XSS in main.asp via the page parameter, enabling remote script/HTML injection. The root cause is insufficient sanitization of the page parameter. Per the provided documents, the vulnerability has a NVD CVSS...
CVE-2005-1095
Cross-site scripting XSS vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2005-1096
CVE-2005-1096 affects Ocean12 Membership Manager Pro 1.x. A SQL injection flaw exists in the main.asp page, allowing remote attackers to inject arbitrary SQL commands through the UserID parameter. The vulnerability details are consistent across NVD/CVE records; exploitation specifics or impacted ...
CVE-2005-1096
SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter...
CVE-2005-1096
SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter...