1673 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in forms/search.php in the WP-Business Directory wp-ttisbdir plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 searchterm, 3 pageid, 4 page, or 5 pagelinks parameter...
DropAFew 0.2 search.php delete Action id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/23400/info DropAFew is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
City Directory Review and Rating Script (search.php) SQL Injection Vulnerability
No description provided by source. Exploit Title: City Directory Review and Rating Script SQL Injection Vulnerability Date: 22.12.2012 Author: 3spi0n Script Vendor or Software Link: http://b-scripts.com/en/18-city-reviewer-yelp-clone.html Category: WebApps Type: SQL Injection MySQLi Tested On:...
miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities
No description provided by source. / miniPortail = 2.2 XSS/LFI Remote Vulnerabilities ------------------------------------------------------- By StAkeR - StAkeRathotmaildotit http://www.easy-script.com/scripts-dl/miniportail.zip ------------------------------------------------------- -1 Local Fil...
Joovili <= 3.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. Joovili = 3.0 SQL Injection Vulnerability Author: !DoktOR! Date found: 27.08.08 Product: Joovili Version: 3.0 Price: $155 URL: www.joovili.com Download script: http://rapidshare.com/files/96178834/Joovili.Patch.3.0.12.Themes.WST.rar.html Vulnerability Class: SQL...
Punbb 1.3.4 - Multiple Full Path Disclosure Vulnerability
No description provided by source. Exploit Title: Punbb 1.3.4 Full Path Disclosure Date: 07/11/2010 Author: SYSTEMOVERIDE, OverSecurityCrew Software Link: http://punbb.informer.com/ Vulnerability Type: Full Path Disclosure Version: 1.3.4 Vulnerability Details: The vulnerabilities are in the file...
phxEventManager 2.0 beta 5 search.php search_terms SQL Injection
No description provided by source. Exploit Title: phxEventManager 2.0 beta 5 search.php searchterms SQL Injection Vulnerability Date: 01/03/2012 Author: skysbsb Software Link: http://sourceforge.net/projects/phxeventmanager/ Version: Web Application Tested on: Apache/nix Dork: intext: Powered by...
yblog 0.2.2.2 (xss/sql) Multiple Vulnerabilities
No description provided by source. / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title...
ECShop Search.php SQL Injection Exploit
No description provided by source...
VBulletin 3.0 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9656/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'search.php' script. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code...
CarLine Forum Russian Board 4.2 search.php text_poisk Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...
MyBulletinBoard RC4 search.php action Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14553/info MyBulletinBoard is prone to multiple SQL injection vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
QwikiWiki 1.5 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source...
e107 0.7.5 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18508/info e107 is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
PT News 1.7.8 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source...
Phorum 5.0.7 Search Script Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10822/info A cross-site scripting vulnerability is reported to affect Phorum. This issue affects the 'search.php' script. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link...
Leszek Krupinski L-Forum 2.4 Search Script SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5468/info Reportedly, L-Forum is vulnerable to SQL injection attacks. The vulnerability lies in the file 'search.php' L-Forum does not properly sanitize user input that is used as part of the search parameter in the...
Invision Power Board <= 2.1.5 search.php Remote Code Execution Exploit
No description provided by source...
SonicBB 1.0 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source...
CuteNews 1.4.6 search.php from_date_day Parameter Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...