9 matches found
CVE-2010-5044
SQL injection vulnerability in models/log.php in the Search Log comsearchlog component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these...
Sql injection
SQL injection vulnerability in models/log.php in the Search Log comsearchlog component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these...
CVE-2010-5044
SQL injection vulnerability in models/log.php in the Search Log comsearchlog component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these...
Joomla! Component Search Log 3.1.0 - SQL Injection
Joomla! Component Search Log 3.1.0 - SQL Injection Exploit Title: Joomla Component comsearchlog SQL Injection Date: 05/06/2010 Author: d0lc3 d0lc3xatgmaildomcom Software Link: http://www.kanich.net/radio/site/searchlog/searchlog-download Version: 3.1.0 Tested on: Linux ubuntu32 2.6.32-22-generic...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm, 3...
CVE-2008-3353
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
CVE-2008-3353
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
PT-2008-4758 · Pure · Pure Software Lore
Name of the Vulnerable Software and Affected Versions: Pure Software Lore versions prior to 1.7.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related ...