53 matches found
CVE-2005-4037
SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2005-4035
Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prod, and 2 brid parameters to a view.php; the 3 the bid parameter to b viewbrands.php; and the 4 grp and 5 cat parameters to...
CVE-2005-4034
Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the 1 s, 2 pg, and 3 sortb parameters to a index.php; 4 cid parameter to b gift.php and c fq.php; and 5 cat parameter to d articles.php...
CVE-2005-4038
SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter...
CVE-2005-4039
Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter...
CVE-2005-4036
Cross-site scripting XSS vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL."...
CVE-2005-4035
Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prod, and 2 brid parameters to a view.php; the 3 the bid parameter to b viewbrands.php; and the 4 grp and 5 cat parameters to...
CVE-2005-4037
SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2005-4034
Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the 1 s, 2 pg, and 3 sortb parameters to a index.php; 4 cid parameter to b gift.php and c fq.php; and 5 cat parameter to d articles.php...
CVE-2005-4038
SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter...
CVE-2005-4034
CVE-2005-4034 describes multiple SQL injection vulnerabilities in Web4Future eDating Professional 5, enabling remote attackers to execute arbitrary SQL via the parameters s, pg, and sortb to index.php; cid to gift.php and fq.php; and cat to articles.php. Affected product: Web4Future eDating Profe...
CVE-2005-4037
CVE-2005-4037 affects Web4Future Affiliate Manager PRO 4.1 and earlier. The vulnerability is a SQL injection in functions.php reachable via the pid parameter, enabling remote SQL commands. CVSS metrics in the initial entry indicate base score 7.5 (HIGH) with network attack vector and low attack c...
CVE-2005-4035
CVE-2005-4035 concerns SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier. The flaws allow remote attackers to execute arbitrary SQL commands via the (1) prod and (2) brid parameters to view.php; the (3) bid parameter to viewbrands.php; and the (4) grp and (5...
CVE-2005-4038
CVE-2005-4038: A SQL injection flaw exists in Web4Future Portal Solutions News Portal’s comentarii.php, exploitable via the idp parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Documents confirm the affected product and parameter but do not provide exploitat...
CVE-2005-4039
Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter...
CVE-2005-4036
CVE-2005-4036 is a cross-site scripting (XSS) vulnerability in Web4Future Keyword Frequency Counter 1.0, exploitable via the remote URL parameter sent to index.cgi. The NVD summary states an attacker can inject arbitrary script/HTML, impacting integrity (partial) but with no confidentiality or av...
CVE-2005-4039
CVE-2005-4039 affects the Web4Future Portal Solutions News Portal. A directory traversal flaw in arhiva.php allows remote attackers to read arbitrary files through the dir parameter. The NVD entry lists a base score of 7.8 (HIGH) with network access and low attack complexity. The connected source...
Web4Future eCommerce Enterprise Edition v2.1 SQL inj. vuln.
Web4Future eCommerce Enterprise Edition v2.1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ecommerce-enterprise-edition-sql-inj.html vendor:http://www.web4future.com/products.php?p=ecomm affected version:v2.1 and prior Product...
Web4Future Portal Solutions - News Portal vuln.
Web4Future Portal Solutions - News Portal vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/web4future-portal-solutions-news.html vendor:http://www.web4future.com/products.php?p=nportal affected version: latest Product Description: It's a...
Web4Future eCommerce Enterprise Edition 2.1 - view.php Multiple SQL Injections
Web4Future eCommerce Enterprise Edition 2.1 - view.php Multiple SQL Injections source: https://www.securityfocus.com/bid/15707/info eCommerce Enterprise Edition is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to...