12 matches found
EUVD-2005-3507
Malware in sbrugna...
PhotoPost Pro 5.1 showgallery.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/12920/info Multiple input validation vulnerabilities reportedly affect PhotoPost Pro. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical...
PhotoPost PHP 3.3.1 'cat' Parameter Cross Site Scripting and SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/35996/info PhotoPost PHP is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...
PhotoPost PHP Pro 3.x/4.x showgallery.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9994/info Multiple SQL injection, cross-site scripting and HTML injection vulnerabilities have been identified in the application, which may allow an attacker to execute arbitrary HTML or script code in a user's browser...
PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting
Exploit Title: PhotoPost PHP 4.8c showgallery.php Cross Site Scripting home : http://www.D99Y.com Author: NassRawI Date: 2/3/2011 Google Dork: "Powered by: PhotoPost PHP 4.8c" Software Link: http://www.photopost.com/ file : showgallery.php exploit : http://localhost/showgallery.php?si=" XSS "...
PhotoPost PHP 'showgallery.php' Multiple Cross Site Scripting Vulnerabilities
PhotoPost PHP is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user- supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...
PhotoPost PHP 4.8c Cross Site Scripting
Exploit Title: PhotoPost PHP 4.8c showgallery.php Cross Site Scripting home : http://www.D99Y.com Author: NassRawI Date: 2/3/2011 Google Dork: "Powered by: PhotoPost PHP 4.8c" Software Link: http://www.photopost.com/ file : showgallery.php exploit : http://localhost/showgallery.php?si=" XSS "...
CVE-2005-0928
Multiple cross-site scripting XSS vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the 1 cat, 2 password, 3 ppuser, 4 sort, or 5 si parameters to showgallery.php, the 6 ppuser, 7 sort, or 8 si parameters to showmembers.php, or 9 the photo...
CVE-2005-0273
Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to execute arbitrary SQL commands via the 1 cat or 2 ppuser parameter...
CVE-2005-0928
Multiple cross-site scripting XSS vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the 1 cat, 2 password, 3 ppuser, 4 sort, or 5 si parameters to showgallery.php, the 6 ppuser, 7 sort, or 8 si parameters to showmembers.php, or 9 the photo...
CVE-2005-0274
Summary of CVE-2005-0274 (PhotoPost PHP showgallery.php XSS) The vulnerability is in PhotoPost PHP showgallery.php, where multiple cross-site scripting (XSS) flaws arise from insufficient sanitization of user-supplied input. The affected code path allows remote attackers to inject arbitrary scrip...
CVE-2005-0273
CVE-2005-0273 : The OpenVAS/NVD records describe SQL Injection vulnerabilities in PhotoPost PHP’s showgallery.php that allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameters. Affected product: PhotoPost PHP Pro (and PhotoPost up to version 4.86 per the C...