5 matches found
eNdonesia 8.4 mod.php viewarticle Action artid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24590/info eNdonesia is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...
Sql injection
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to 1 previews.php and 2 reviews.php, and the 3 id parameter to index.php in a viewarticle action...
CVE-2006-2857
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action viewarticleaction.class.php...
Sql injection
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action viewarticleaction.class.php...
CVE-2006-2857
The CVE-2006-2857 entry affects LifeType 1.0.4 and describes an SQL injection in index.php (articleId parameter in the ViewArticle action). The underlying issue is failure to sanitize user input, enabling an unauthenticated attacker to manipulate database queries. The vulnerability can lead to ar...