14 matches found
EUVD-2006-3381
Malware in sbrugna...
EUVD-2006-3382
Malware in sbrugna...
EUVD-2006-3380
Malware in sbrugna...
Vincent-Leclercq News 5.2 - Diver.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18729/info Vincent-Leclercq News is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. An attacker may be...
Vincent Leclercq News 5.2 Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18775/info Vincent Leclercq News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage this...
CVE-2006-3385
Cross-site scripting XSS vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 id and 2 disabled parameters...
CVE-2006-3386
index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail parameter with invalid values...
CVE-2006-3384
SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the 1 id and 2 texte parameters...
CVE-2006-3385
Cross-site scripting XSS vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 id and 2 disabled parameters...
CVE-2006-3385
CVE-2006-3385 affects Vincent Leclercq News 5.2, with a vulnerability in divers.php that allows cross-site scripting via the id and disabled parameters. The issue is confirmed by NVD entries; CVSS metrics indicate a base score of 5.8 (Medium) with network attack vector, and partial confidentialit...
CVE-2006-3384
CVE-2006-3384: SQL injection in divers.php of Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL via the id and texte parameters. Affected software: Vincent Leclercq News 5.2. Root cause: improper input handling in divers.php leading to unsafely constructed SQL queries. CV...
CVE-2006-3384
SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the 1 id and 2 texte parameters...
Vincent Leclercq News 5.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/18775/info Vincent Leclercq News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code...
Vincent-Leclercq News 5.2 - 'Diver.php' SQL Injection
source: https://www.securityfocus.com/bid/18729/info Vincent-Leclercq News is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. An attacker may be able to exploit this issue to modif...