46 matches found
CVE-2008-6597
Cross-site scripting XSS vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6596
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
EUVD-2006-3520
Malware in sbrugna...
EUVD-2008-6559
Malware in sbrugna...
EUVD-2007-6635
Malware in sbrugna...
EUVD-2007-6554
Malware in sbrugna...
EUVD-2007-6634
Malware in sbrugna...
EUVD-2008-6560
Malware in sbrugna...
PHCDownload 1.1 search.php string Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27066/info PHCDownload is prone to an SQL-injection and cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
PHCDownload 1.1 - admin/index.php hash Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/28922/info PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...
PHCDownload 1.1 - upload/install/index.php step Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28922/info PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...
PHCDownload 1.1 search.php string Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27066/info PHCDownload is prone to an SQL-injection and cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Cross site scripting
Cross-site scripting XSS vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6596
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6597
Cross-site scripting XSS vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6596
CVE-2008-6596 affects PHCDownload 1.1, specifically the admin/index.php component. The vulnerability is a SQL injection via the hash parameter, enabling remote attackers to execute arbitrary SQL commands. Documented impact per the CVE is partial confidentiality, integrity, and availability exposu...
CVE-2008-6597
PHCDownload 1.1 is affected by a cross-site scripting (XSS) vulnerability in upload/install/index.php, exploitable via the step parameter. The issue allows remote attackers to inject arbitrary web script or HTML. Affected component is PHCDownload 1.1; root cause is improper handling of the step p...
CVE-2008-6597
Cross-site scripting XSS vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6596
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...