73 matches found
Cross-site scripting
Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2006-2177
Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2006-2177
CVE-2006-2177 describes a Cross-site Scripting (XSS) vulnerability in geoBlog 1.0’s viewcat.php, exploitable by passing a crafted value in the cat parameter to inject arbitrary script/HTML. The vulnerability is confirmed in multiple sources (NVD entry; related CVE records) and affects geoBlog 1.0...
CVE-2006-0249
SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter ($tmpCategory variable)...
CVE-2006-0249
CVE-2006-0249 is a concrete SQL injection vulnerability in BitDamaged geoBlog MOD_1.0, specifically affecting viewcat.php via the cat parameter ($tmpCategory). The connected sources confirm that remote attackers can trigger arbitrary SQL commands, with the described impact of credential theft and...
SQL injection
SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter ($tmpCategory variable)...
CVE-2005-3952
CVE-2005-3952 describes an SQL injection in PHP Labs Top Auction. The vulnerability affects the viewcat.php script and could allow remote attackers to modify or retrieve data via the (1) category, (2) type parameters, or (3) certain search parameters. The root cause is unsafely handled user input...
Top Auction Multiple SQL Vuln.
Top Auction Multiple SQL Vuln. Vuln. discovered by: r0t Date: 23 nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/top-auction-multiple-sql-vuln.html Vendor: http://www.phplabs.com/ Product link: http://www.phplabs.com/scripts.php?script=Top20Auction affected version: Top Auction last...
CVE-2005-0827
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message...
CVE-2005-0827
The CVE affects RUNCMS 1.1A, Ciamos 0.9.2 RC1, and e-Xoops 1.05 Rev3, via the Viewcat.php code path where convertorderbytrans is invoked. The underlying issue is that an invalid parameter to convertorderbytrans causes a PHP error message that reveals the filesystem path, enabling remote attackers...
Ciamos Installation path (IHS)
IHS Iran Hackers Sabotage Public advisory by: NT [email protected] I Would Change A Default Value In CIAMOS, By Change A value In Viewcat.php I Get An Error On It Show CIAMOS Installation Path. Tested In Ciamos 0.9.2 RC1 ------------------------------------------- Going To CIAMOS And Downloads OR...
runcms installation path
IHS Iran Hackers Sabotage Public advisory by: NT [email protected] I Would Change A Default Value In RUNCMS, By Change A value In Viewcat.php I Get An Error On It Show RUNCMS Installation Path. Tested In RUNCMS 1.1A ------------------------------------------- Going To RUNCMS And MYDownloads OR MyLin...