7 matches found
EUVD-2009-1448
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2009-1450
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the pagecontent parameter...
CVE-2009-1450
CVE-2009-1450 affects SMA-DB 0.3.12, where a vulnerability in format.php allows remote attackers to execute arbitrary PHP code via a URL supplied in the _page_content parameter. The issue constitutes a PHP remote file inclusion vulnerability with network exposure and requires no authentication, a...
CVE-2009-1451
Cross-site scripting XSS vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2009-1451
The CVE-2009-1451 entry describes a Cross-site Scripting (XSS) vulnerability in SMA-DB 0.3.12, specifically in startpage.php, where an attacker can inject arbitrary web script or HTML via PATH_INFO. Affected software: SMA-DB 0.3.12; vulnerable component: startpage.php; root cause: unsanitized PAT...
CVE-2009-1450
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the pagecontent parameter...