CVE-2009-3419

SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...

Sql injection

SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...

CVE-2009-3420

CVE-2009-3420: XSS in Miniweb’s Publisher module 2.0 (index.php) via begin parameter and PATH_INFO. Affected: Publisher module 2.0 for Miniweb; vulnerability allows remote injection of script/HTML; CVSS v2 base score 4.3 (Medium) with partial integrity impact. Exploitation details: remote attacke...

CVE-2009-3419

CVE-2009-3419 describes an SQL injection in the Miniweb Publisher module 2.0, via index.php and the historymonth parameter. Affected software: Miniweb Publisher module 2.0 (index.php). Root cause: unsafely handled input in historymonth leading to SQL command execution. Impact: remote attackers co...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke AutoHTML Module 2.0 - crossite scripting...

CVE-2004-1841

CVE-2004-1841 concerns a SQL injection in MS Analysis module 2.0 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the Referer header in an HTTP request. The available documents identify the affected component and the general vulnerability class but do not provide version-speci...