6498 matches found
CVE-2008-6773
The CVE-2008-6773 entry concerns YourPlace 1.0.2 and earlier, where a static code injection flaw in user/internettoolbar/edit.php allows remote authenticated users to execute arbitrary PHP via 10 fav parameters, resulting in partial impact to confidentiality, integrity, and availability. The root...
CVE-2009-1463
Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file...
Code injection
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter aka the Database Name field. NOTE: the installation instructions specify deleting admin/install.php...
Code injection
Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file...
CVE-2009-1463
The CVE-2009-1463 entry affects razorCMS prior to version 0.4. The issue is a static code injection flaw that lets remote attackers save content as a .php file, enabling arbitrary PHP execution on affected pages. The underlying cause is improper handling of content/file saves that allows code to ...
CVE-2008-6761
CVE-2008-6761 affects Flexcustomer 0.0.6 and is a static code injection vulnerability in admin/install.php that enables remote attackers to inject arbitrary PHP into const.inc.php via the installdbname parameter (Database Name field). The issue stems from admin/install.php and installation notes ...
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...
Code injection
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...
CVE-2009-1285
phpMyAdmin 3.x is affected by a static code injection in the getConfigFile function (setup/lib/ConfigFile.class.php) prior to 3.1.3.2, allowing remote attackers to inject arbitrary PHP into configuration files. Documented CVSS base 7.5 (HIGH) with network access and no authentication. Remediation...
CVE-2009-1278
Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X GBX 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php...
CVE-2009-1278
Gravity Board X (GBX) 2.0 BETA has a static code injection in forms/ajax/configure.php that allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. Affected: GBX 2.0 BETA; vulnerable file: forms/ajax/configure.php. Root cause: configuration work...
Mandriva Update for mysql MDVSA-2008:149 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2008:149 mysql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for libpng MDKSA-2007:217 (libpng)
Check for the Version of libpng OpenVAS Vulnerability Test Mandriva Update for libpng MDKSA-2007:217 libpng Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Mandriva Update for SDL_image MDVSA-2008:040 (SDL_image)
Check for the Version of SDLimage OpenVAS Vulnerability Test Mandriva Update for SDLimage MDVSA-2008:040 SDLimage Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for file MDKSA-2007:067 (file)
Check for the Version of file OpenVAS Vulnerability Test Mandriva Update for file MDKSA-2007:067 file Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Code injection
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter...
CVE-2008-6651
The CVE-2008-6651 entry covers a static code injection in OxYProject OxYBox 0.85, specifically in edithistory.php. The vulnerability arises because an attacker can inject arbitrary PHP code into oxyhistory.php through the oxymsg parameter, enabling remote code execution. The affected component is...
Ftbbs7. 1 static GBK version 0day-vulnerability warning-the black bar safety net
conn. asp wood has done anti-injected into the, ftbbsmyinfo. asp and JB to an injection,a perfect match.. Posted on ftbbsmyinfo. asp source code: ASP/Visual Basic code 0 1.& lt;% 0 2. postuserid=request. QueryString”postuserid” 0 3. ftbbsuser=request. QueryString”ftbbsuser” 0 4. call FTBBSHTMLMBf...