12 matches found
EUVD-2005-1623
Malware in sbrugna...
EUVD-2006-1332
Malware in sbrugna...
[eVuln] Skull-Splitter's PHP Guestbook XSS Vulnerability
New eVuln Advisory: Skull-Splitter's PHP Guestbook XSS Vulnerability http://evuln.com/vulns/104/summary.html --------------------Summary---------------- eVuln ID: EV0104 CVE: CVE-2006-1256 Software: Skull-Splitter's PHP Guestbook Sowtware's Web Site: http://www.boysen.be/ Versions: 2.6 2.7 Critic...
Sql injection
SQL injection vulnerability in count.php in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 countfieldname, 2 urlfieldname, or 3 url parameter...
CVE-2006-1328
SQL injection vulnerability in count.php in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 countfieldname, 2 urlfieldname, or 3 url parameter...
CVE-2006-1328
The CVE concerns Skull-Splitter’s PHP Downloadcounter for Wallpapers 1.0. Vulnerable file: count.php; vulnerable parameters: count_fieldname, url_fieldname, and url. The underlying cause is unsanitized input used in SQL queries, enabling remote SQL injection. Exploitation details are supported by...
Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities
The remote host is running the Skull-Splitter guestbook, a guestbook written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks. Inserting special characters into the subject or message content can cause arbitrary code execution for third party users, thus...
CVE-2005-1620
Cross-site scripting XSS vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via the 1 title or 2 content of a message...
CVE-2005-1620
Cross-site scripting XSS vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via the 1 title or 2 content of a message...
CVE-2005-1620
CVE-2005-1620 is a documented cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook versions 1.0, 2.0 and 2.2. The issue allows remote attackers to inject arbitrary web script or HTML via the title or content fields of a message. The NVD entry lists a CVSS v2 base score of 4.3 (MED...
Skull-Splitter Guestbook Multiple Field XSS
The remote version of this software is vulnerable to cross-site scripting attacks. Inserting special characters into the subject or message content can cause arbitrary script code execution for third-party users, thus resulting in a loss of integrity of their system. %NASLMINLEVEL 70300 This scri...
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted...