9 matches found
EUVD-2007-1545
Malware in sbrugna...
EUVD-2007-1544
Malware in sbrugna...
EUVD-2007-1543
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...
CVE-2007-1550
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...
CVE-2007-1550
CVE-2007-1550 affects phpx 3.5.15, introducing multiple SQL injection weaknesses in gallery.php, news.php/print.php (via image_id, cat_id, news_id), news.php (news_cat_id), forums.php (cat_id, topic_id, post_id), and users.php (user_id). The underlying issue is unsafely concatenated SQL queries t...
CVE-2007-1551
CVE-2007-1551 affects phpx 3.5.15 with multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the signature in "dans profile" and (2) search.php. The affected software is phpx 3.5.15; root cause details are not spelled...
CVE-2007-1551
Multiple cross-site scripting XSS vulnerabilities in phpx 3.5.15 allow remote attackers to inject arbitrary web script or HTML via 1 the signature in "dans profile," or 2 search.php...
CVE-2007-1549
CVE-2007-1549 affects phpx 3.5.15 where gallery.php’s addImage action allows unrestricted file upload. An attacker can upload arbitrary PHP scripts, which are placed under gallery/shelties/ and could be executed remotely. The CVE details focus on the unrestricted upload vulnerability and its abil...