476 matches found
CVE-2006-4060
PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfgdir parameter...
CVE-2006-2674
Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 frmid parameter to a showforum.asp, 2 a search field to b forumsearch.asp, 3 Email address or 4 Password to c admin/index.asp, 5 frmcatid parameter to d...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in admin/serverdaystats.php in Virtual Hosting Control System VHCS allow remote attackers to inject arbitrary web script or HTML via the 1 day, 2 month, or 3 year parameter...
CVE-2006-1972
Cross-site scripting XSS vulnerability in EasyGallery.php in Wingnut EasyGallery allows remote attackers to inject arbitrary web script or HTML via the ordner parameter...
CVE-2006-1760
Multiple cross-site scripting XSS vulnerabilities in JetPhoto allow remote attackers to inject arbitrary web script or HTML via the page parameter in 1 Classic.view/thumbnail.php, 2 Classic.view/gallery.php, 3 Classic.view/detail.php, or 4 Orange.view/detail.php; or 5 the name parameter in...
[SA18472] Widexl Download Tracker "ID" Parameter Cross-Site Scripting
TITLE: Widexl Download Tracker "ID" Parameter Cross-Site Scripting SECUNIA ADVISORY ID: SA18472 VERIFY ADVISORY: http://secunia.com/advisories/18472/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Widexl Download Tracker 1.x http://secunia.com/product/6830/...
CVE-2005-4387
Cross-site scripting XSS vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter...
SQL-injections in koobi-cms
SQL-injections in koobi-cms 4.2.3 The program: koobi-cms Homepage: http://www.dream4.de/ Vulnerable Versions: 4.2.3 Has found: CENSORED SVT 28.04.05 The description --------------- Vulnerability has been found in parameter page. In koobi-cms it Refers to - p. Data transferred to this parameter no...
PerlDesk < 2 kb.cgi view Parameter SQL Injection
Binary data 2597.prm...
CVE-2004-2347
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests...
Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting
Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting source: https://www.securityfocus.com/bid/8722/info A-Cart has been reported prone to a cross-site scripting vulnerability. The issue presents itself likely due to a lack of sufficient sanitization performed on data contained in the 'msg' URI...
Invision Power Board (IP.Board) 1.x - index.php showtopic Cross-Site Scripting
Invision Power Board IP.Board 1.x - index.php showtopic Cross-Site Scripting source: https://www.securityfocus.com/bid/8575/info Invision Power Board is prone to a cross-site scripting vulnerability. It has been reported that a remote attacker may construct a malicious link to the index.php scrip...
/search/index.cfm crossite scripting
/search/index.cfm allows insert HTML tags via search paramter...
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (2)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution 2 source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a resul...
CVE-2002-1751
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...
CVE-2002-2420
sitesearcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter...