PHP Scripts Now Hangman - 'index.php?letters' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43513/info TOPHangman is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...

PHP Scripts Now Hangman - index.php?n SQL Injection

PHP Scripts Now Hangman - index.php?n SQL Injection source: https://www.securityfocus.com/bid/43513/info TOPHangman is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues t...

PHP Scripts Now (Multiple Products) - bios.php?rank Cross-Site Scripting

PHP Scripts Now Multiple Products - bios.php?rank Cross-Site Scripting source: https://www.securityfocus.com/bid/44306/info Multiple PHP Scripts Now products are prone to an input-validation vulnerability that can be exploited to conduct SQL-injection and cross-site scripting attacks. Exploiting...

PHP Scripts Now (Multiple Products) - bios.php?rank SQL Injection

PHP Scripts Now Multiple Products - bios.php?rank SQL Injection source: https://www.securityfocus.com/bid/44306/info Multiple PHP Scripts Now products are prone to an input-validation vulnerability that can be exploited to conduct SQL-injection and cross-site scripting attacks. Exploiting this...

PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection

source: https://www.securityfocus.com/bid/44306/info Multiple PHP Scripts Now products are prone to an input-validation vulnerability that can be exploited to conduct SQL-injection and cross-site scripting attacks. Exploiting this vulnerability could allow an attacker to steal cookie-based...

PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44306/info Multiple PHP Scripts Now products are prone to an input-validation vulnerability that can be exploited to conduct SQL-injection and cross-site scripting attacks. Exploiting this vulnerability could allow an attacker to steal cookie-based...

Authentication flaw

A+ PHP Scripts News Management System NMS allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1...

CVE-2008-6667

A+ PHP Scripts News Management System NMS allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1...

CVE-2008-6667

A+ PHP Scripts News Management System NMS allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1...

pPIM Multiple Remote Vulnerabilities

This host is running pPIM. pPIM is an information manger that can hold contacts, events in a calendar, links, send emails, check email, store notes, and uploads files. pPIM is prone to multiple vulnerabilities, including two security-bypass issues, a cross-site scripting issue, and a file-upload...

dacios CMS 1.08 - Cross-Site Scripting SQL Injection File Disclosure

dacios CMS 1.08 - Cross-Site Scripting SQL Injection File Disclosure =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = XORON 2009C = = Dacio's PHP scripts CMS v1.08 Remote SQL Injection Vuln. =...

E-PHP Scripts B2B Trading Marketplace XSS

E-Php Scripts B2B Trading Marketplace XSS Vulnerability Dicovered By: SaiedHacker Group: HackeranShiraz Security Team Web Address: www.HackeranShiraz.Com E-mail: [email protected] Exploits: http://Target/b2b/signin.php?errmsg=%3Cscript%3Ealert1;%3C/script%3E...

E-PHP Scripts EShop SQL Injection

E-Php Scripts Eshop 'searchresults.php' SQL Injection Vulnerability Dicovered By: SaiedHacker Group: HackeranShiraz Security Team Web Address: www.HackeranShiraz.Com E-mail: [email protected] Exploit:...

CVE-2008-5906

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts...

CVE-2008-5838

CVE-2008-5838 is a SQL injection vulnerability in the E-Php Scripts E-Shop Shopping Cart, affecting the search_results.php code path. The vulnerability allows remote attackers to inject arbitrary SQL via the cid parameter, potentially compromising data integrity and partial confidentiality. The N...

Netref 4.0 - Multiple SQL Injections

SuB-ZeRo Dz-hackers Netref 4.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- +Discovred by : SuB-ZeRo +Vendor URL : www.netref.net +downloader : http://www.phpscripts-fr.net/scripts/download.php?id=62...

Cross site scripting

Cross-site scripting XSS vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2008-4802

CVE-2008-4802 is described as a Cross-site scripting (XSS) vulnerability in complete.php of Simple PHP Scripts blog 0.3, where an attacker can inject arbitrary script or HTML via the id parameter. The root cause is unsanitized user input in that parameter. Affected product/component: Simple PHP S...

CVE-2008-4802

Cross-site scripting XSS vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...