11 matches found
EUVD-2007-0366
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in nicecoder.com INDEXU 5.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to a suggestcategory.php; the 2 u parameter to b userdetail.php; the 3 friendname, 4 friendemail, 5 errormsg, 6...
CVE-2007-0364
Multiple cross-site scripting XSS vulnerabilities in nicecoder.com INDEXU 5.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to a suggestcategory.php; the 2 u parameter to b userdetail.php; the 3 friendname, 4 friendemail, 5 errormsg, 6...
CVE-2007-0364
CVE-2007-0364 describes multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com INDEXU 5.3 and earlier, allowing remote attackers to inject arbitrary script/HTML via numerous parameters across several pages (e.g., suggest_category.php, user_detail.php, tell_friend.php, sendmail.php, ...
Directory traversal
Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. dot dot in the gateway parameter...
CVE-2006-1767
Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the themepath parameter in 1 index.php, 2 becomeeditor.php, 3 add.php, 4 badlink.php, 5 browse.php, 6 detail.php, 7 fav.php, 8 getrated.php,...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the themepath parameter in 1 index.php, 2 becomeeditor.php, 3 add.php, 4 badlink.php, 5 browse.php, 6 detail.php, 7 fav.php, 8 getrated.php,...
CVE-2006-1767
Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the themepath parameter in 1 index.php, 2 becomeeditor.php, 3 add.php, 4 badlink.php, 5 browse.php, 6 detail.php, 7 fav.php, 8 getrated.php,...
Remote file inclusion
PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter...
CVE-2006-0688
CVE-2006-0688 describes a PHP remote file inclusion vulnerability in the NiceCoder Indexu product, affecting versions 5.0.0 and 5.0.1. The flaw arises in application.php, allowing a remote attacker to execute arbitrary PHP code by supplying a URL in the base_path parameter. The NVD entry indicate...
CVE-2006-0688
PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter...