EUVD-2007-6111

Malware in sbrugna...

CVE-2007-6142

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 show parameter to index.php and the 2 print parameter to print.php. NOTE: the provenance of this information is unknown; the...

CVE-2006-5129

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 the message parameter, and possibly other parameters, in module/shout/jafshout.php aka the shoutbox; and 2 the message body in a...

CVE-2006-5131

module/shout/jafshout.php aka the shoutbox in ph03y3nk just another flat file JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "", possibly due to a static code injection vulnerability involving admin/datainc.php...

CVE-2006-5129

CVE-2006-5129 affects ph03y3nk just another flat file (JAF) CMS 4.0 RC1. The vulnerabilities are cross-site scripting in two spots: (1) module/shout/jafshout.php (the shoutbox) via the message parameter and related name/email/title/date/ldate/lname variables, and (2) the message body in a forum p...

CVE-2006-5130

CVE-2006-5130 describes multiple XSS vulnerabilities in the ph03y3nk just another flat file (JAF) CMS 4.0 RC1 . The flaws allow remote attackers to inject arbitrary web script or HTML via the forum post parameters: name, url, title, and about . The underlying product is a flat-file CMS, and the d...

CVE-2006-5131

CVE-2006-5131 affects ph03y3nk Just Another Flat File (JAF) CMS 4.0 RC1. The vulnerability is in module/shout/jafshout.php (the shoutbox), where remote attackers could execute arbitrary code within sections bounded by "". This is described as potentially due to a static code injection vulnerabili...