38 matches found
EUVD-2009-4658
Malware in sbrugna...
EUVD-2009-3511
Malware in sbrugna...
EUVD-2009-4659
Malware in sbrugna...
EUVD-2006-2405
Malware in sbrugna...
EUVD-2009-4656
Malware in sbrugna...
RadScripts a_editpage.php filename Variable Arbitrary File Overwrite
No description provided by source. source: http://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring...
CVE-2009-4695
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a viewforum action...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the pr parameter in a ulist action...
CVE-2009-4692
Cross-site scripting XSS vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the pr parameter in a ulist action...
Sql injection
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a viewforum action...
CVE-2009-4692
CVE-2009-4692 describes a Cross-site Scripting (XSS) vulnerability in RadScripts RadLance Gold 7.5, specifically in index.php where the pr parameter in a ulist action can be exploited to inject arbitrary script or HTML. The vulnerability is tied to a flaw in how user-supplied data is handled in t...
CVE-2009-4695
The CVE-2009-4695 entry describes a SQL injection in RadScripts RadLance Gold 7.5, affecting index.php via the fid parameter in a view_forum action. The underlying issue is a parameter-based SQL command execution vulnerability that could allow remote attackers to alter or read data. The connected...
CVE-2009-4692
Cross-site scripting XSS vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the pr parameter in a ulist action...
CVE-2009-4694
Cross-site scripting XSS vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the fid parameter in a viewforum action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-4695
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a viewforum action...
CVE-2009-3530
Cross-site scripting XSS vulnerability in storefront.php in RadScripts RadBids Gold 4 allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in storefront.php in RadScripts RadBids Gold 4 allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
Sql injection
SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a viewforum action, a different vector than CVE-2005-1074...
CVE-2009-3530
Cross-site scripting XSS vulnerability in storefront.php in RadScripts RadBids Gold 4 allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2009-3529
The CVE-2009-3529 entry concerns RadScripts RadBids Gold 4. Vulnerability : SQL injection in index.php triggered by the fid parameter in a view_forum action, enabling remote attackers to execute arbitrary SQL commands. This is a different vector than CVE-2005-1074. Impact : Partial confidentialit...