Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 n parameter to browsevideos.php or the 2 cat parameter to groups.php...

CVE-2013-5311

Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to 1 browsevideos.php or 2 members.php. NOTE: the cat parameter is already covered by CVE-2008-4157...

CVE-2013-5311

CVE-2013-5311: Affected software is Vastal I-Tech phpVID 1.2.3. The vulnerability is SQL injection via the n parameter in browse_videos.php and members.php (cat parameter noted as covered by CVE-2008-4157). Impact is remote SQL command execution as described in the public records. Connected docum...

CVE-2013-5312

CVE-2013-5312 affects Vastal I-Tech phpVID 1.2.3 with multiple XSS vulnerabilities. The issue arises from user-supplied inputs in two pages: browse_videos.php (parameter n) and groups.php (parameter cat), enabling remote attackers to inject arbitrary web script or HTML. The connected documents co...

phpVID 1.2.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications | \ | | | | / | | | | | | | | | | // \ \ / / | | | | | | |/ | ' \ \ \ / / | | | \ \ /\ V / | | || | || | | | | | | / || \| / /||,|||/|| || |/ || PhpVID Script, Multiple Vulnerabilities Product Page:...

PHPVID 1.2.3 - Multiple Vulnerabilities

| \ | | | | / | | | | | | | | | | // \ \ / / | | | | | | |/ | ' \ \ \ / / | | | \ \ /\ V / | | || | || | | | | | | / || \| / /||,|||/|| || |/ || PhpVID Script, Multiple Vulnerabilities Product Page: http://www.vastal.com/phpvid-the-video-sharing-software.html AuthorPentester: 3spi0n On...

PHPVID 1.2.3 - Multiple Vulnerabilities

PHPVID 1.2.3 - Multiple Vulnerabilities | \ | | | | / | | | | | | | | | | // \ \ / / | | | | | | |/ | ' \ \ \ / / | | | \ \ /\ V / | | || | || | | | | | | / || \| / /||,|||/|| || |/ || PhpVID Script, Multiple Vulnerabilities Product Page:...

PHP VID XSS / SQL Injection / CRLF Injection

| \ | | | | / | | | | | | | | | | // \ \ / / | | | | | | |/ | ' \ \ \ / / | | | \ \ /\ V / | | || | || | | | | | | / || \| / /||,|||/|| || |/ || PhpVID Script, Multiple Vulnerabilities Product Page: http://www.vastal.com/phpvid-the-video-sharing-software.html Script Demo:...

CVE-2008-4157

SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected...

Sql injection

SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected...

CVE-2008-4157

CVE-2008-4157 documents an SQL injection in phpVID (Vastal I-Tech) groups.php via the cat parameter affecting PHPVID 1.1 and later 1.2.3. Connected records confirm related SQL injection issues in phpVID 1.2.3 via the n parameter (and note that the cat vector is already covered by CVE-2008-4157), ...

CVE-2008-4157

SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected...

phpVID 1.1 (XSS/SQL) Multiple Remote Vulnerabilities

No description provided by source. . . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ \ / / // \ / \ |/| || \\ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu...

phpvid11-sql.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu ---QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE and all darkc0de members ---...

PHPVID 1.1 - Cross-Site Scripting / SQL Injection

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu ---QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE and all darkc0de members ---...

PHPVID 1.1 - Cross-Site Scripting SQL Injection

PHPVID 1.1 - Cross-Site Scripting SQL Injection . . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu ---QKrun1x-P47tr1ck - FeDeReR...

phpVID 1.1 (XSS/SQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ==================================================== phpVID 1.1 XSS/SQL Multiple Remote Vulnerabilities ==================================================== Title: phpVID 1.1 The video sharing script! Multiple Vulnerabilities Vendor:...

CVE-2008-2335

Cross-site scripting XSS vulnerability in searchresults.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is...

Cross site scripting

Cross-site scripting XSS vulnerability in searchresults.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is...

CVE-2008-2335

The CVE-2008-2335 entry describes a cross-site scripting (XSS) vulnerability in Vastal I-Tech phpVID 1.1 and 1.2 (also reported for 1.2.3) where an attacker can inject arbitrary script/HTML via the query parameter in search_results.php. Affected software: phpVID 1.1, 1.2 (and 1.2.3 per notes). Th...