5 matches found
CVE-2006-0655
Multiple cross-site scripting XSS vulnerabilities in 1 linkedited.php and 2 linkadded.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to execute arbitrary SQL commands via multiple vectors including the username parameter...
CVE-2006-0654
CVE-2006-0654 affects Hinton Design phpht Topsites 1.3 where check.php fails to validate passwords when cookies are used, enabling remote attackers to bypass authentication via unspecified cookies. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network attack vector and low complexit...
CVE-2006-0653
CVE-2006-0653 involves SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3, allowing remote attackers to execute arbitrary SQL commands via multiple vectors, including the username parameter. The connected records confirm the affected software and the underlying vulnerability class ...
CVE-2006-0655
CVE-2006-0655 describes multiple cross-site scripting (XSS) vulnerabilities in Hinton Design phpht Topsites 1.3, specifically in the link_edited.php and link_added.php scripts. The provided descriptions indicate remote attackers can inject arbitrary web script or HTML via unspecified vectors. The...