55 matches found
CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites SFS EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter...
SQL injection
SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected...
CVE-2007-6397
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .. (dot dot) in the topic parameter in a...
CVE-2007-6310
Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attackers to inject arbitrary web script or HTML via the handler parameter to (1) index.php and possibly (2) admin/index.php, and (3) the topic parameter to modules/feed/feed.php (aka modules/feed.php)...
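JPortal Articles.PHP SQL injection vulnerability
JPortal is a PHP-based web application. JPortal does not properly filter user-supplied input, so a remote attacker can exploit the flaw to carry out SQL injection attacks and obtain sensitive information or manipulate the database. The problem is that the 'Articles.PHP' script does not filter the user-supplied 'topic' parameter; submitting a malicious SQL query as the parameter data can alter the original SQL logic, allowing sensitive information to be obtained or the database to be manipulated. JPortal 2.3.1. No detailed solution is currently available: http://www.jportal.info/downloadjportal.php...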
SQL injection
SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263...
SQL injection
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
SQL injection
SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783...
CVE-2007-1163
SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783...
CVE-2006-3096
CVE-2006-3096: Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL via user-controlled input in (1) the forum parameter in messagepost.cfm and (2) the topic parameter in topics.cfm. Root cause described as improper handling of inp...
SQL injection
SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
CVE-2006-2904
SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
CVE-2006-2145
Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter...
SQL injection
SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter...