49 matches found
EUVD-2006-0373
Malware in sbrugna...
EUVD-2006-0452
Malware in sbrugna...
EUVD-2006-0451
Malware in sbrugna...
EUVD-2008-5849
Malware in sbrugna...
EUVD-2008-5848
Malware in sbrugna...
EUVD-2008-5847
Malware in sbrugna...
phpclanwebsite <= 1.23.3 fix pack #5 Multiple Vulnerabilities
No description provided by source. Phpclanwebsite = 1.23.3 Fix Pack 5 File Including/SQL/XSS Multiple Remote Vulnerabilities The description: The set vulnerability in CMS Phpclanwebsite versions 1.23.3 Fix Pack 5 and more low was revealed. 1. Multiple File Including Vulnerabilities Vulnerability...
Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16300/info Phpclanwebsite is prone to a script-injection vulnerability. An attacker can nest BBCode IMG tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code wou...
CVE-2008-5878
Multiple directory traversal vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to include and execute arbitrary files via a .. dot dot in the 1 boxname parameter to...
CVE-2008-5877
Multiple SQL injection vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php, 2 formid parameter to pcw/processforms.php, 3 pcwlogin and 4 pcwpass...
CVE-2008-5879
Cross-site scripting XSS vulnerability in index.php in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors...
Directory traversal
Multiple directory traversal vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to include and execute arbitrary files via a .. dot dot in the 1 boxname parameter to...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php, 2 formid parameter to pcw/processforms.php, 3 pcwlogin and 4 pcwpass...
CVE-2008-5878
Multiple directory traversal vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to include and execute arbitrary files via a .. dot dot in the 1 boxname parameter to...
CVE-2008-5879
Cross-site scripting XSS vulnerability in index.php in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors...
CVE-2008-5878
CVE-2008-5878 affects Phpclanwebsite (also known as PCW) up to version 1.23.3 Fix Pack 5. The issue arises when magic_quotes_gpc is disabled and register_globals is enabled, allowing remote attackers to include and execute arbitrary files via a directory traversal in the following parameters: (1)...
CVE-2008-5879
The CVE-2008-5879 entry describes a Cross-site scripting (XSS) vulnerability in Phpclanwebsite (PCW) 1.23.3 Fix Pack 5 and earlier, exploitable via the page parameter and other unspecified vectors. Affected product is Phpclanwebsite/PCW (version 1.23.3 Fix Pack 5 and earlier). The underlying issu...
CVE-2008-5877
Summary: CVE-2008-5877 applies to Phpclanwebsite (PCW) 1.23.3 Fix Pack 5 and earlier, with multiple SQL injection vectors when magic_quotes_gpc is disabled. Vulnerable components/functions include: (1) index.php with the page parameter, (2) pcw/processforms.php with form_id, (3) pcw/setlogin.php ...
CVE-2008-5877
Multiple SQL injection vulnerabilities in Phpclanwebsite aka PCW 1.23.3 Fix Pack 5 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php, 2 formid parameter to pcw/processforms.php, 3 pcwlogin and 4 pcwpass...