934 matches found
CVE-2005-1750
SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execute arbitrary SQL commands via the password parameter...
PT-2005-2722 · Ezdwc · Ezdwc Newsletterez
Name of the Vulnerable Software and Affected Versions: ezdwc NewsletterEz version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the password parameter in the "login.asp" file. Recommendations: For ezdwc NewsletterEz version 3.0, conside...
PT-2005-2754 · Funkyasp · Funkyasp Ad System
Name of the Vulnerable Software and Affected Versions: FunkyASP AD System version 1.1 Description: The issue allows remote attackers to execute arbitrary SQL commands and gain privileges. This is achieved via the password parameter in the admin.asp file. Recommendations: For FunkyASP AD System...
CVE-2005-1573
SQL injection vulnerability in adminlogin.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter...
CVE-2005-1573
SQL injection vulnerability in adminlogin.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter...
PT-2005-2552 · Asp · Asp Virtual News Manager
Name of the Vulnerable Software and Affected Versions: ASP Virtual News Manager affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the password parameter in the admin login.asp file. This can be exploited by sending malicious input...
PT-2005-1332 · Biborb · Biborb
Name of the Vulnerable Software and Affected Versions: BibORB versions 1.3.2 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the Username or Password variables. Recommendations: For BibORB versions 1.3.2 and earlier, update to...
CVE-2005-0111
Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter...
CVE-2004-2218
SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter...
CVE-2002-1845
Cross-site scripting XSS vulnerability in index.php in Yet Another Bulletin Board YaBB 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password passwrd parameter...
security flaw
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the 1 adminpw or 2 info parameters to the ml-name feature...
CVE-2000-0923
CVE-2000-0923 concerns the authenticate.cgi CGI in Aplio PRO, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the password parameter. The entry lists a CVSS v2 base score of 7.5 (HIGH) with network access, low attack complexity, and no authentication. ...
CVE-2000-0923
authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...
CVE-2024-32355
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function...