2 matches found
Web Reference Database SQL Injection Vulnerability (CNVD-2015-06458)
Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. The Web Reference Database rss.php script fails to adequately filter the 'where' parameter and the search.php script fails to adequately filter...
CVE-2009-3195
Multiple cross-site scripting XSS vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 rss.php and 2 search.php...