48 matches found
CVE-2006-3616
Multiple cross-site scripting XSS vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in codes-english.php and 2 the img parameter in picture.php, after the name of an existing file...
Lazarus Guestbook Cross Site Scripting Vulnerabilities
Produce : Lazarus Guestbook Website : http://carbonize.co.uk/Lazarus/ Version : = 1.6 Problem : Cross Site Scripting 1 The first probleme is in codes-english.php ,"show" parameter in lang/codes-english.php isn't properly sanitised This can be exploited to execute arbitrary HTML and javascript cod...
CVE-2006-3283
SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the 1 pid parameter in picture.php, 2 mid parameter in mem.php, and the 3 sex and 4 relationship parameters in search.php...
CVE-2006-3283
SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the 1 pid parameter in picture.php, 2 mid parameter in mem.php, and the 3 sex and 4 relationship parameters in search.php...
[SA19801] PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures
TITLE: PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures SECUNIA ADVISORY ID: SA19801 VERIFY ADVISORY: http://secunia.com/advisories/19801/ CRITICAL: Less critical IMPACT: Security Bypass, Exposure of sensitive information WHERE: From remote SOFTWARE: PhpWebGallery 1.x...
PHPWebGallery Multiple Cross Site Scripting Vulnerabilities
Title : PHPWebGallery Multiple Cross Site Scripting Vulnerabilities Author: Mourad aka Psych0 root at linuxmail org Moroccan Security Team Vendor: www.phpwebgallery.net Software: PHPWebGallery Version: 1.4.1 category.php and picture.php scripts are vulnerable to XSS attacks. Exploits:...
CVE-2006-1675
Multiple cross-site scripting XSS vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat, 2 num, and 3 search parameters to a category.php, and the 4 slideshow, 5 showmetadata, and 6 start parameters to b picture.php, a different...
PHPWebGallery 1.4.1 - picture.php Cross-Site Scripting
PHPWebGallery 1.4.1 - picture.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17421/info PHPWebGallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...