CVE-2007-1152

Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. dot dot in the 1 act or 2 pid parameter to the top-level URI index.php, or the 3 action parameter to admin/index.php. NOTE: some of these details are obtained from third part...

CVE-2006-6559

SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter...

CVE-2006-6559

The CVE-2006-6559 entry documents an SQL injection vulnerability in Lotfian Request For Travel 1.0, specifically in ProductDetails.asp where the PID parameter can be exploited to execute arbitrary SQL commands remotely. Affected component: ProductDetails.asp in Lotfian Request For Travel 1.0. Roo...

CVE-2006-6280

SQL injection vulnerability in viewthread.php in Oxygen O2PHP Bulletin Board 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572...

CVE-2005-1877

Cross-site scripting XSS vulnerability in viewticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter...

CVE-2004-1966

Multiple SQL injection vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 FID parameter in board.php, 2 sortorder, perpage, or id parameters in member.php, 3 forums parameter in search.php, or 4 PID or FID parameters ...