7 matches found
EUVD-2009-2881
Malware in sbrugna...
EUVD-2009-2880
Malware in sbrugna...
CVE-2009-2890
Cross-site scripting XSS vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter...
CVE-2009-2891
CVE-2009-2891 describes an SQL injection in list.php of PHP Scripts Now Riddles, exploitable via the catid parameter. The underlying issue is improper handling of user-supplied input, enabling remote attackers to execute arbitrary SQL commands. Affected component: list.php within the PHP Scripts ...
CVE-2009-2890
Cross-site scripting XSS vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter...
CVE-2009-2890
CVE-2009-2890 affects the web app PHP Scripts Now Riddles, with a vulnerability in results.php where the searchquery parameter allows remote injection of arbitrary web script or HTML (reflected XSS). Root cause: lack of proper input sanitization on the searchquery parameter. Impact: enables injec...
PHP Scripts Now Riddles - '/riddles/list.php?catid' SQL Injection
source: https://www.securityfocus.com/bid/44309/info PHP Scripts Now Riddles is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...