CVE-2010-4784

Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2010-4783

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the 1 siteurl and 2 urlbanner parameters...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the 1 siteurl and 2 urlbanner parameters...

CVE-2010-4783

The CVE-2010-4783 entry concerns multiple cross-site scripting (XSS) vulnerabilities in index.php of PHP Web Scripts Easy Banner Free 2009.05.18. The root cause described in sources is that with magic_quotes_gpc disabled, an attacker can inject arbitrary web script or HTML via the siteurl and url...

CVE-2010-4784

CVE-2010-4784 describes multiple SQL injection vulnerabilities in the member.php component of PHP Web Scripts Easy Banner Free 2009.05.18. When magic_quotes_gpc is disabled, remote attackers may inject SQL via the (1) username and (2) password parameters. Details on exploitation, affected version...

CVE-2010-4784

Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2011-0457

CVE-2011-0457 affects the e107 CMS (versions 0.7.22 and earlier). The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via unspecified vectors. The Red Hat/ENISA/JVN data confirm the issue in e107 prior to 0.7.23 and indicate upgradin...

CVE-2010-4355

Cross-site scripting XSS vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit feature is enabled, allows remote authenticated users to inject arbitrary web script or HTML via the selectsingle parameter...

SQL injection and Path Disclosure Auth Bypass in 4images 1.7.X

-----------Summary----------- eVuln ID: 200 Software: "Powered by 4images" Vendor: PHP Web Scripts Version: 4images 1.7.X dork: "Powered by 4images" Critical Level: medium Type: SQL injection and Path Disclosure Status: Unpatched. No reply from developers PoC: Available Solution: Not available...

Easy Banner Free SQL Injection

New eVuln Advisory: SQL injection Auth Bypass in Easy Banner Free Summary: http://evuln.com/vulns/147/summary.html Details: http://evuln.com/vulns/147/description.html -----------Summary----------- eVuln ID: EV0147 Software: Easy Banner Free Vendor: PHP Web Scripts Version: 2009.05.18 Critical...

Easy Banner Free Cross Site Scripting

New eVuln Advisory: URL XSS in Easy Banner Free Summary: http://evuln.com/vulns/148/summary.html Details: http://evuln.com/vulns/148/description.html -----------Summary----------- eVuln ID: EV0148 Software: Easy Banner Free Vendor: PHP Web Scripts Version: 2009.05.18 Critical Level: low Type: Cro...

[eVuln.com] URL XSS in Easy Banner Free

New eVuln Advisory: URL XSS in Easy Banner Free Summary: http://evuln.com/vulns/148/summary.html Details: http://evuln.com/vulns/148/description.html -----------Summary----------- eVuln ID: EV0148 Software: Easy Banner Free Vendor: PHP Web Scripts Version: 2009.05.18 Critical Level: low Type: Cro...

[eVuln.com] SQL injection Auth Bypass in Easy Banner Free

New eVuln Advisory: SQL injection Auth Bypass in Easy Banner Free Summary: http://evuln.com/vulns/147/summary.html Details: http://evuln.com/vulns/147/description.html -----------Summary----------- eVuln ID: EV0147 Software: Easy Banner Free Vendor: PHP Web Scripts Version: 2009.05.18 Critical...

4Images 1.7.x SQL Injection

-----------Summary----------- eVuln ID: 200 Software: "Powered by 4images" Vendor: PHP Web Scripts Version: 4images 1.7.X dork: "Powered by 4images" Critical Level: medium Type: SQL injection and Path Disclosure Status: Unpatched. No reply from developers PoC: Available Solution: Not available...

SimpNews Multiple Vulnerabilities

This host is running SimpNews and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbsimpnewsmultvuln.nasl 7573 2017-10-26 09:18:50Z cfischer $ SimpNews Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a 1 paste or 2 drag-and-drop operation for a...

Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability

Exploit for php platform in category web applications =================================================================== Tainos Webdesign All Scripts SQL/XSS/HTML Injection Vulnerability =================================================================== Author: CoBRa21 Mail: email protected...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...

PHP Inventory Multiple Vulnerabilities

PHP inventory is prone to multiple vulnerabilities. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

MediaWiki 1.14.0, 1.15.0 XSS Vulnerability

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...