7 matches found
CVE-2006-1360
Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 type, or 3 show parameter to a index.php; or the 4 message1 or 5 message parameter to b cart.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id and 2 type and 3 show parameters in a top action in a index.php; and the 4 message1 parameter in b cart.php...
CVE-2006-1349
CVE-2006-1349 describes multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 Beta 2. An affected component is the Musicbox web interface (index.php and cart.php) where user-supplied input in parameters (1) id, (2) type, (3) show, and (4) message1 can be injected as script/HTML. The...
MusicBox 2.3 - 'cart.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...
CVE-2005-4500
SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the 1 show and 2 type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered...
CVE-2005-4500
MusicBox 2.3 is affected by CVE-2005-4500 due to an SQL injection in the show and type parameters, enabling remote attackers to execute arbitrary SQL commands. The connected sources confirm the vulnerability and its parameters, but do not provide remediation details in these documents.
MusicBox 2.3 - type SQL Injection
MusicBox 2.3 - type SQL Injection source: https://www.securityfocus.com/bid/16030/info MusicBox is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...