420 matches found
CVE-2005-0858
Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the pseudo parameter to entete.php or 2 the login parameter to register.php...
CoolForum SQL and XSS Vulnerabilities
Binary data 2725.prm...
advisory001.txt
================================================= SQL Injections in punbb-1.2.1 register.php ================================================= Description ----------- A remote attacker can cause register.php to execute arbitrary SQL statements by supplying malicous values to the language or email...
Multiple vulns in punBB
================================================= SQL Injections in punbb-1.2.1 register.php ================================================= Description ----------- A remote attacker can cause register.php to execute arbitrary SQL statements by supplying malicous values to the language or email...
pLog register.php Multiple Parameter XSS
The remote host is running pLog, a blogging system written in PHP. The remote version of this software does not perform a proper validation of user-supplied input and is, therefore, vulnerable to a cross-site scripting attack. To exploit this flaw, an attacker would need to use the script...
CVE-2004-2511
Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...
CVE-2004-0035
CVE-2004-0035 affects Phorum 3.4.5 and earlier, where register.php is vulnerable to SQL injection via the hide_email parameter. The underlying issue is an improper handling of user-supplied input, enabling remote attackers to execute arbitrary SQL commands. The provided documents do not specify a...
pLog register.php HTML Injection
Binary data 2192.prm...
Phorum 5.0.3 Beta && Earlier XSS Issues
Vendor : Phorum URL : http://www.phorum.org Version : Phorum 5.0.3 Beta && Earlier Risk : Cross Site Scripting Description: Phorum is a web based message board written in PHP. Phorum is designed with high-availability and visitor ease of use in mind. Features such as mailing list integration, eas...
Phorum 3.x - register.php HTTP_REFERER Cross-Site Scripting
Phorum 3.x - register.php HTTPREFERER Cross-Site Scripting source: https://www.securityfocus.com/bid/9882/info It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php',...
Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting
Phorum 3.x - login.php HTTPREFERER Cross-Site Scripting source: https://www.securityfocus.com/bid/9882/info It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php',...
Phorum 5.0.3 Beta - Cross Site Scripting
Phorum 5.0.3 Beta - Cross Site Scripting Phorum Cross Site Scripting Vendor: Phorum Product: Phorum Version: tag, it will allow for pretty much any thing else, and most of you know it is not hard to execute javascript inside of a tag which is allowed. This same vulnerability also exists in...
Phorum 3.x - profile.php?target Cross-Site Scripting
Phorum 3.x - profile.php?target Cross-Site Scripting source: https://www.securityfocus.com/bid/9882/info It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php',...
Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting
source: https://www.securityfocus.com/bid/9882/info It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php', 'register.php', and 'profile.php'. These modules employ two hidde...
CVE-2004-0091
CVE-2004-0091 is an XSS issue in vBulletin’s register.php (unknown versions) exploitable via the reg_site parameter. The vendor disputes the existence of reg_site/reg_site variable in vBulletin 2/3 sources; no concrete exploitation or fix/version details are provided in the connected documents. R...
PT-2004-1295 · Vbulletin · Vbulletin
Name of the Vulnerable Software and Affected Versions: vBulletin affected versions not specified Description: A cross-site scripting XSS issue in register.php allows remote attackers to inject arbitrary HTML or web script via the reg site or possibly regsite parameter. The vendor has disputed thi...
CVE-2003-1466
Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via 1 register.php or 2 login.php...
vBulletin 3.0 - register.php HTML Injection
vBulletin 3.0 - register.php HTML Injection source: https://www.securityfocus.com/bid/8354/info vBulletin may be prone to an HTML injection vulnerability. This issue is exposed through inadequate sanitization of user input for certain fields within the register.php script. An attacker may exploit...
vBulletin 3.0 - 'register.php' HTML Injection
source: https://www.securityfocus.com/bid/8354/info vBulletin may be prone to an HTML injection vulnerability. This issue is exposed through inadequate sanitization of user input for certain fields within the register.php script. An attacker may exploit this issue by including hostile HTML and...
CVE-2002-0903
WoltLab Burning Board (wbboard) 1.1.1 is affected. The register.php flow uses a small set of random values for the code parameter passed to action.php to approve registrations, together with predictable new user IDs, enabling remote attackers to hijack new user accounts through brute-forcing the ...