26 matches found
CVE-2007-1965
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4) topics.php...
uta.edu XSS vulnerability
Vulnerable URL: http://www.uta.edu/ssw/news/releases/topics.php?tag=%3CsvG%20onLoad=prompt9%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 15.01.2018
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 10785
VIP website status: | Yes...
DbbS 2.0 Topics.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17338/info DbbS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
CVE-2010-4155
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to (2) modules/news/archive.php, (3) modules/news/topics.php, and (4)...
CVE-2008-2084
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a listarticles action...
CVE-2006-6452
Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module before 0.6 beta 1, for RunCMS, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php, (2) submit.php, and (3) class/calendar.class.php...
CVE-2006-3560
The CVE covers an SQL injection in topics.php of Blue Dojo Graffiti Forums 1.0, exploitable via the f parameter to execute arbitrary SQL commands remotely. This affects the application’s database interactions (vulnerability in a PHP script), with potential impacts to confidentiality, integrity, a...
Design/Logic Flaw
DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) SERVER parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue...
SQL injection
SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter...
CVE-2006-1915
SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter...
CVE-2006-1915
The CVE-2006-1915 entry affects DbbS 2.0-alpha and earlier, with a vulnerability in topics.php where the fcategoryid parameter is unsafely used, enabling remote attackers to execute arbitrary SQL commands. Root cause is likely improper input handling leading to SQL injection. Impact is arbitrary ...
SQL injection
SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter...
CVE-2006-1579
SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter...
CVE-2006-1579
The CVE-2006-1579 entry describes a SQL injection in topics.php of Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier, exploitable via the limite parameter to execute arbitrary SQL queries. Affected component: topics.php in DbbS
DbbS<=2.0-alpha SQL injection
author: DaBDouB-MoSiKaR Moroccan Security Team site: http://www.dbbs.sup.fr/ greetz to : Moroccan Security Team CiM-TeaM and All Friends example: http://target/topics.php?fid=3&limite=sql inbox:DaBDouB-MoSiKaRatmoroccan-securitydotcom...
DbbS 2.0 - 'Topics.php' SQL Injection
source: https://www.securityfocus.com/bid/17338/info DbbS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
SQL injection
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php; (3) the topics variable in...
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php; (3) the topics variable in...