1673 matches found
PunBB 1.2.x Search.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15114/info PunBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result...
Siteframe Beaumont 5.0.1 Search.PHP Q Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16596/info Siteframe Beaumont is prone to a cross-site scripting vulnerability. This issue affects the 'search.php' script. Siteframe Beaumont 5.0.1 and prior versions are reportedly vulnerable...
Gallarific - search.php query Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28163/info Gallarific is prone to a cross-site scripting vulnerability and multiple authentication-bypass vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Sphider 1.3 Search.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17997/info Sphider is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Interact 2.4.1 - SQL Injection Vulnerability
No description provided by source. Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact = 2.4.1 Vendor Site : http://sourceforge.net/projects/cce-interact/ Discovery : Vulnerabilities : SQL Injection: in search.php file line 44: $searchtermsraw =...
PowerPortal 1.1/1.3 search.php search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
glFusion 1.3.0 (search.php, cat_id param) - SQL Injection
No description provided by source...
phpBB 2.0.3 search.php Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6311/info phpBB is vulnerable to cross site scripting attacks. This is due to insufficient sanitization of user-supplied input. The problem is located in the search.php script. This issue may be exploited by an attacker to...
ezContents 2.0.3 search.php GLOBALS[language_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
ProArcadeScript 'search.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of...
phpMyRealty <= 1.0.9 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. phpMyRealty = 1.0.9 pages.php id Remote SQL Injection Vulnerability Author: !DoktOR! Date found: 27.08.08 Product: phpMyRealty Version: 1.0.7, 1.0.9 Download script: http://rapidshare.com/files/123835319/phpMyRealty.v1.0.7.PHP-rs.rar Vulnerability Class: SQL...
vBulletin 3.0.0 XSS Vulnerability
No description provided by source. Title: vBulletin 3.0.0 XSS Author: Discovered by ROOTEGY Version: vBulletin Version 3.0.0 =============================================== WWW.sec-war.com =============================================== 3.0.0 - Introduction XSS scripts in the script search.php. I...
Jara 1.6 - Multiple Vulnerabilities
No description provided by source. !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...
Tunez 1.21 search.php searchFor Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15548/info Tunez is prone to multiple input validation vulnerabilities. The application is affected by an SQL injection vulnerability and a cross-site scripting issue. Successful exploitation of the SQL injection issue...
Qualiteam X-Cart 4.0.8 search.php mode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...
CuteNews 1.4.6 search.php Multiple Parameter XSS
No description provided by source...
EsContacts 1.0 - search.php msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...
Zoph 0.7.2.1 search.php _off Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
E-Book Store SQL Injection Vulnerability
No description provided by source. :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title = E-Book Store SQL Injection Vulnerability Author = Valentin Hoebel Contact = [email protected] ::::::::::::::::::::::::::::::::::::::...
lizard cart SQLi (search.php)
No description provided by source. Exploit Title: lizard cart SQLi search.php Google Dork: inurl:search.php+intitle:Lizard Cart+intext:Search Results: Date: 05-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/lizardcart/files/latest/download?source=directory Version: pp104...