CVE-2006-3610

index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information partial database schema via a modified pagename parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this...

CVE-2006-3609

Cross-site scripting XSS vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the pagename parameter with an IMG tag containing a javascript URI in the SRC attribute...

CVE-2006-3609

Cross-site scripting XSS vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the pagename parameter with an IMG tag containing a javascript URI in the SRC attribute...

CVE-2006-3614

index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the pagename parameter, possibly due to a SQL injection vulnerability...

CVE-2006-3610

CVE-2006-3610 affects Orbitcoders OrbitMATRIX 1.0 (index.php) where a modified page_name parameter can disclose portions of the SQL query, yielding a partial database schema. The vulnerability is described as an information disclosure that may be target-specific, with no explicit exploitation det...

CVE-2006-3614

CVE-2006-3614 affects OrbitMATRIX 1.0 (Orbitcoders). The vulnerability is described as a possible SQL injection exposing a vulnerability where the page_name parameter can trigger a SQL error, indicating a flaw in input handling within the affected component. The NVD entry lists a network attack v...