23 matches found
CVE-2009-3503
CVE-2009-3503: Multiple SQL injection vulnerabilities in BPowerHouse BPHolidayLettings 1.0 (search.aspx) allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. Affected component/function: search.aspx in BPHolidayLettings 1.0. Root cause: improper validat...
Unfixed XSS vulnerability at www.ekn.se
Security researcher doublecheck, has submitted on 16/01/2009 a cross-site-scripting XSS vulnerability affecting www.ekn.se, which at the time of submission ranked 2808302 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/01/2009. It is current...
CVE-2006-1405
CVE-2006-1405 is a reported Cross-site Scripting (XSS) vulnerability in the SweetSuite.NET Content Management System (ssCMS) prior to or including version 2.1.0, affecting the search.aspx functionality. The flaw enables remote attackers to inject arbitrary web script or HTML through the keywords ...