1673 matches found
Sphider 1.3 Search.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17997/info Sphider is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PowerPortal 1.1/1.3 search.php search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
glFusion 1.3.0 (search.php, cat_id param) - SQL Injection
No description provided by source...
ProArcadeScript 'search.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of...
phpMyRealty <= 1.0.9 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. phpMyRealty = 1.0.9 pages.php id Remote SQL Injection Vulnerability Author: !DoktOR! Date found: 27.08.08 Product: phpMyRealty Version: 1.0.7, 1.0.9 Download script: http://rapidshare.com/files/123835319/phpMyRealty.v1.0.7.PHP-rs.rar Vulnerability Class: SQL...
vBulletin 3.0.0 XSS Vulnerability
No description provided by source. Title: vBulletin 3.0.0 XSS Author: Discovered by ROOTEGY Version: vBulletin Version 3.0.0 =============================================== WWW.sec-war.com =============================================== 3.0.0 - Introduction XSS scripts in the script search.php. I...
Qualiteam X-Cart 4.0.8 search.php mode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...
W-Agora 4.2.1 search.php search_user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23057/info w-Agora is prone to multiple input-validation vulnerabilities, including possible SQL-injection issues and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...
Interact 2.4.1 - SQL Injection Vulnerability
No description provided by source. Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact = 2.4.1 Vendor Site : http://sourceforge.net/projects/cce-interact/ Discovery : Vulnerabilites : SQL Injection: in search.php file line 44: $searchtermsraw =...
phpBB 2.0.3 search.php Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6311/info phpBB is vulnerable to cross site scripting attacks. This is due to insufficient santization of user-supplied input. The problem is located in the search.php script. This issue may be exploited by an attacker to...
Siteframe Beaumont 5.0.1 Search.PHP Q Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16596/info Siteframe Beaumont is prone to a cross-site scripting vulnerability. This issue affects the 'search.php' script. Siteframe Beaumont 5.0.1 and prior versions are reportedly vulnerable...
ezContents 2.0.3 search.php GLOBALS[language_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
QwikiWiki 1.5 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source...
Jara 1.6 - Multiple Vulnerabilities
No description provided by source. !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...
Tunez 1.21 search.php searchFor Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15548/info Tunez is prone to multiple input validation vulnerabilities. The application is affected by an SQL injection vulnerability and a cross-site scripting issue. Successful exploitation of the SQL injection issue...
CuteNews 1.4.6 search.php Multiple Parameter XSS
No description provided by source...
EsContacts 1.0 - search.php msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...
Zoph 0.7.2.1 search.php _off Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
E-Book Store SQL Injection Vulnerability
No description provided by source. :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title = E-Book Store SQL Injection Vulnerability Author = Valentin Hoebel Contact = [email protected] ::::::::::::::::::::::::::::::::::::::...
sBlog 0.7.2 search.php keyword Variable POST Method XSS
No description provided by source. source: http://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...