1685 matches found
Sql injection
SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...
CVE-2008-3346
SQL injection vulnerability in productdetail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2008-3346
CVE-2008-3346: SQL injection in ShopCart DX, vulnerability in product_detail.php via the pid parameter that allows remote execution of arbitrary SQL commands. Affected component is ShopCart DX; root cause is improper input handling in pid parameter leading to SQL injection. Impact described as ar...
CVE-2008-3346
SQL injection vulnerability in productdetail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter...
epshop-sql.txt
Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo Information; You can't download a...
CVE-2008-3201
Multiple cross-site scripting XSS vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 acctfname and 2 acctlname parameters in an edit action, and the 3 PID, 4 PGID, and 5 rez parameters. NOTE: the provenance of this information is...
CVE-2008-3201
CVE-2008-3201 involves multiple XSS vulnerabilities in Pagefusion 1.5. The issues affect index.php in Pagefusion 1.5, where unsanitized user input via the edit action can be injected through five parameters: acct_fname, acct_lname, PID, PGID, and rez. The underlying cause is insufficient input sa...
CVE-2008-3201
Multiple cross-site scripting XSS vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 acctfname and 2 acctlname parameters in an edit action, and the 3 PID, 4 PGID, and 5 rez parameters. NOTE: the provenance of this information is...
Sql injection
SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter...
CVE-2008-2509
SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter...
CVE-2008-2340
Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 lang parameter to a advsearch.php, b archive.php, and c index.php, and the 2 pid parameter to d listtagitems.php...
CVE-2008-2340
CVE-2008-2340 affects News Manager 2.0 with multiple SQL injection vulnerabilities. Remote attackers can exploit the (1) lang parameter in advsearch.php, archive.php, and index.php, and the (2) pid parameter in list_tagitems.php to execute arbitrary SQL commands. The entry is documented with a hi...
Sql injection
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action...
Sql injection
SQL injection vulnerability in index.php in Online Rent aka Online Rental Property Script 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected...
Sql injection
SQL injection vulnerability in the comsg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task...
CVE-2008-0816
SQL injection vulnerability in the comsg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task...
Debian Security Advisory DSA 658-1 (libdbi-perl)
The remote host is missing an update to libdbi-perl announced via advisory DSA 658-1. OpenVAS Vulnerability Test $Id: deb6581.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 658-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 009-1 (stunnel)
The remote host is missing an update to stunnel announced via advisory DSA 009-1. OpenVAS Vulnerability Test $Id: deb0091.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 009-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
CVE-2007-6358
pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.PID.tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS...
Cross site scripting
Cross-site scripting XSS vulnerability in default.asp in Element CMS allows remote attackers to inject arbitrary web script or HTML via the s parameter in a search pID action...