HitHost 1.0 viewuser.php hits Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

efiction 1.0/1.1/2.0 viewuser.php uid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15568/info eFiction is prone to SQL injection, remote file upload, and cross site scripting vulnerabilities. These vulnerabilities may allow an attacker to view and modify sensitive information, gain unauthorized access,...

CVE-2006-1144

Cross-site scripting XSS vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via 1 the user parameter in deleteuser.php and 2 the hits parameter in viewuser.php...

CVE-2006-1144

Cross-site scripting XSS vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via 1 the user parameter in deleteuser.php and 2 the hits parameter in viewuser.php...

CVE-2006-1144

CVE-2006-1144 concerns HitHost 1.0.0 and is an XSS vulnerability. The issue allows remote attackers to inject arbitrary web script or HTML via two parameters: (1) user in deleteuser.php and (2) hits in viewuser.php. The NVD entry lists a low base score (CVSS v2: 2.6, AV:N/AC:H/Au:N/I:P/A:N) with ...

CVE-2005-4170

SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php...