6 matches found
CVE-2010-1343
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
Sql injection
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
CVE-2010-1343
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
CVE-2010-1343
CVE-2010-1343 concerns a SQL injection in SiteX 0.7.4 beta, affecting the photo.php script via the albumid parameter. The underlying issue is unsanitized input incorporated into a database query, enabling remote attackers to manipulate queries and potentially access sensitive data. Public sources...
CVE-2009-1846
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in the THEMEFOLDER parameter to 1 Corporate/homepage.php, 2 Fusion/homepage.php, 3 Joombo/homepage.php, 4 Streamline/homepage.php,...
Directory traversal
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in the THEMEFOLDER parameter to 1 Corporate/homepage.php, 2 Fusion/homepage.php, 3 Joombo/homepage.php, 4 Streamline/homepage.php,...