DIY Web CMS - Multiple Vulnerabilities

SQL and XSS in DIY Web CMS found by : p0pc0rn 22/2/2011 web : http://www.mydiyweb.com.my dork : intext:"powered by DiyWeb" SQL - Microsoft JET Database Engine error ----------------------------------------- http://site.com/template.asp?menuid=SQL http://site.com/viewcatalog.asp?id=SQL...

CVE-2008-1795

Multiple cross-site scripting XSS vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versions, allow remote attackers to inject arbitrary web script or HTML via 1 the searchText parameter in a Course action to webapps/blackboard/execute/viewCatalog or 2 the...