231 matches found
CVE-2006-0651
SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page...
CVE-2006-0651
CVE-2006-0651 describes a SQL injection vulnerability in the vwdev application, where the UID parameter in index.php allows remote attackers to execute arbitrary SQL commands. The issue is rooted in improper input handling in the affected page, enabling an attacker with network access (no authent...
CVE-2005-4170
An SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands through the uid parameter to viewuser.php. This CVE-2005-4170 (NVD entry) has a base score of 7.5 (HIGH) with NETWORK access, LOW complexity, no authentication, and partial impacts on confiden...
CVE-2005-4170
SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php...
CVE-2005-2697
SQL injection vulnerability in search.php for MyBulletinBoard MyBB 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282...
CVE-2005-2697
SQL injection vulnerability in search.php for MyBulletinBoard MyBB 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282...
CVE-2005-2566
Open Bulletin Board (OpenBB) contains multiple SQL injection vulnerabilities in board.php (FID parameter) and member.php (UID parameter). The affected components are the OpenBB web application’s old board and member handlers, enabling remote attackers to execute arbitrary SQL commands. The CVE-20...
CVE-2005-2299
Multiple cross-site scripting XSS vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 FID parameter to forum.cfm, 2 UID parameter to user.cfm, 3 TID parameter to thread.cfm, or 4 PostDate parameter to search.cfm...
CVE-2005-2299
Multiple cross-site scripting XSS vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 FID parameter to forum.cfm, 2 UID parameter to user.cfm, 3 TID parameter to thread.cfm, or 4 PostDate parameter to search.cfm...
CVE-2005-0282
SQL injection vulnerability in member.php in MyBulletinBoard MyBB allows remote attackers to execute arbitrary SQL commands via the uid parameter...
CVE-2004-0261
OpenJournal 2.0 (2.0–2.0.5) is affected by an authentication bypass in oj.cgi, where a uid parameter set to 0 allows remote attackers to access the control panel. The root cause and specific exploit details are not elaborated beyond this description in the provided documents. Impact is elevated (...