4 matches found
CVE-2006-6521
SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 allows remote attackers to execute arbitrary SQL commands via the aa parameter...
CVE-2006-6521
CVE-2006-6521 is a SQL injection vulnerability affecting lire-avis.php in Messageriescripthp 2.0. The underlying issue allows remote attackers to inject and execute arbitrary SQL commands via the aa parameter. Documented impact aligns with partial confidentiality, integrity, and availability conc...
CVE-2006-6520
The CVE-2006-6520 entry describes multiple XSS vulnerabilities in Messageriescripthp 2.0, allowing remote attackers to inject arbitrary script/HTML via parameters: pseudo to existepseudo.php, email to existeemail.php, and pageName or cssform to Contact/contact.php. NVD reports a CVSS v2 base scor...
Messageriescripthp 2.0 - 'existepseudo.php?pseudo' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21513/info Messageriescripthp is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...