26 matches found
EUVD-2007-2992
Malware in sbrugna...
EUVD-2007-2994
Malware in sbrugna...
EUVD-2007-2993
Malware in sbrugna...
EUVD-2005-4234
Malware in sbrugna...
PHP JackKnife 2.21 (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...
PHP JackKnife 2.21 (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...
PHP JackKnife 2.21 (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...
CVE-2007-3002
PHP JackKnife PHPJK allows remote attackers to obtain sensitive information via 1 a request to index.php with an invalid value of the iParentUnq parameter, or a request to GDisplay.php with an invalid 2 iCategoryUnq or 3 sSort array parameter, which reveals the path in various error messages...
Sql injection
Multiple SQL injection vulnerabilities in PHP JackKnife PHPJK allow remote attackers to execute arbitrary SQL commands via 1 the iCategoryUnq parameter to GDisplay.php or 2 the iSearchID parameter to Search/DisplayResults.php...
Design/Logic Flaw
PHP JackKnife PHPJK allows remote attackers to obtain sensitive information via 1 a request to index.php with an invalid value of the iParentUnq parameter, or a request to GDisplay.php with an invalid 2 iCategoryUnq or 3 sSort array parameter, which reveals the path in various error messages...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PHP JackKnife PHPJK allow remote attackers to inject arbitrary web script or HTML via 1 the sUName parameter to UserArea/Authenticate.php, 2 the sAccountUnq parameter to UserArea/NewAccounts/index.php, or the 3 iCategoryUnq, 4 iDBLoc, 5...
CVE-2007-3001
Multiple cross-site scripting XSS vulnerabilities in PHP JackKnife PHPJK allow remote attackers to inject arbitrary web script or HTML via 1 the sUName parameter to UserArea/Authenticate.php, 2 the sAccountUnq parameter to UserArea/NewAccounts/index.php, or the 3 iCategoryUnq, 4 iDBLoc, 5...
PHP JackKnife [multiple vulnerabilities]
Vendor site: http://www.phpjk.com/ Product: phpjackknife Bug: sql injection , xss , full path Risk: high Note: works regarless of php.ini settings Description: PHP JackKnife PHPJK is freely downloadable PHP gallery software that you can use to instantly create you own online web gallery Injection...
PHP JackKnife 2.21 - (PHPJK) G_Display.php Multiple Cross-Site Scripting Vulnerabilities
PHP JackKnife 2.21 - PHPJK GDisplay.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could...
PHP JackKnife 2.21 - (PHPJK) UserAreaNewAccountsindex.php?sAccountUnq Cross-Site Scripting
PHP JackKnife 2.21 - PHPJK UserAreaNewAccountsindex.php?sAccountUnq Cross-Site Scripting source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could...
PHP JackKnife 2.21 - (PHPJK) UserAreaAuthenticate.php?sUName Cross-Site Scripting
PHP JackKnife 2.21 - PHPJK UserAreaAuthenticate.php?sUName Cross-Site Scripting source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an...
PHP JackKnife 2.21 - (PHPJK) SearchDisplayResults.php?iSearchID SQL Injection
PHP JackKnife 2.21 - PHPJK SearchDisplayResults.php?iSearchID SQL Injection source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an...
PHP JackKnife 2.21 - (PHPJK) G_Display.php?iCategoryUnq SQL Injection
PHP JackKnife 2.21 - PHPJK GDisplay.php?iCategoryUnq SQL Injection source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to...
PHP JackKnife 2.21 - '/(PHPJK) UserArea/Authenticate.php?sUName' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
PHP JackKnife 2.21 - '/(PHPJK) UserArea/NewAccounts/index.php?sAccountUnq' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...