143 matches found
All Enthusiast ReviewPost PHP Pro < 2.5.2 Multiple Input Validation Vulnerabilities
Binary data 2486.prm...
All Enthusiast PhotoPost PHP Pro < 4.8.6 Multiple XSS
Binary data 2484.prm...
CVE-2005-0271
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 cat parameter to showcat.php or 2 product parameter to addfav.php...
CVE-2004-2175
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the 1 product parameter to showproduct.php or 2 cat parameter to showcat.php...
CVE-2004-0250
SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via 1 the product parameter in showproduct.php or 2 the cat parameter in showcat.php...
CVE-2004-0239
SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable...
CVE-2004-1870
Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' passwords via the 1 photo parameter to addfav.php, 2 photo parameter to comments.php, 3 credit parameter to comments.php, 4 cat parameter to index.php, 5 ppuser parameter to...
CVE-2004-1871
Multiple cross-site scripting XSS vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 ppuser, 2 password, 3 stype, 4 perpage, 5 sort, 6 page, 7 si, or 8 cat parameters to showmembers.php, or the 9 photo name, 10 photo...
PhotoPost PHP Pro 3.x/4.x - 'showgallery.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/9994/info Multiple SQL injection, cross-site scripting and HTML injection vulnerabilities have been identified in the application, which may allow an attacker to execute arbitrary HTML or script code in a user's browser and/or influence SQL query logic to...
CVE-2004-0250
The CVE-2004-0250 issue is a SQL injection in PhotoPost PHP Pro 4.6 and earlier. The vulnerability allows remote attackers to gain privileges via user-controlled inputs in showproduct.php (product parameter) or showcat.php (cat parameter). The describes affected component is the PHP-based PhotoPo...
CVE-2004-0239
SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable...
CVE-2004-0239
CVE-2004-0239 affects PhotoPost PHP Pro up to version 4.6. The vulnerability is a SQL injection in the showphoto.php script, exploitable via the photo parameter, which allows remote attackers to access unauthorized data. The issue stems from unsanitized input used in a database query. Affected so...
CVE-2004-0250
SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via 1 the product parameter in showproduct.php or 2 the cat parameter in showcat.php...
ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro
ZH2004-04SA security advisory: Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro Published: 04 february 2004 Released: 04 february 2004 Name: ReviewPost PHP Pro Affected Systems: current and prior versions Issue: Sql Injection Vulnerability Author: G00db0y from Zone-h Security Labs -...
All Enthusiast ReviewPost PHP Pro 2.5 - showproduct.php SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - showproduct.php SQL Injection source: https://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could b...
ZH2004-04SA.txt
ZH2004-04SA security advisory: Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro Published: 04 february 2004 Released: 04 february 2004 Name: ReviewPost PHP Pro Affected Systems: current and prior versions Issue: Sql Injection Vulnerability Author: G00db0y from Zone-h Security Labs -...
All Enthusiast ReviewPost PHP Pro 2.5 - showcat.php SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - showcat.php SQL Injection source: https://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could be...
All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection
source: https://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could be exploited to disclose sensitive information that may be used to gain...
All Enthusiast ReviewPost PHP Pro 2.5 - 'showproduct.php' SQL Injection
source: https://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could be exploited to disclose sensitive information that may be used to gain...
ReviewPost PHP Pro Multiple Script SQL Injections
ReviewPost PHP Pro, a web-based software that manages user's opinions, is installed on the remote web server. The installed version fails to sanitize user input to the 'product' parameter of the 'showproduct.php' script and the 'cat' parameter of the 'showcat.php' script before using it in a...