16 matches found
EUVD-2006-0212
Malware in sbrugna...
EUVD-2006-0213
Malware in sbrugna...
Wordcircle index.php password Parameter SQL Injection - Ver2 (CVE-2006-0205)
An SQL injection vulnerability has been reported in Wordcircle. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Wordcircle index.php password Parameter SQL Injection - Ver2 (CVE-2006-0205)
An SQL injection vulnerability has been reported in Wordcircle. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
EV0028.txt
New eVuln Advisory: Wordcircle Multiple SQL Injection & XSS Vulnerabilities --------------------Summary---------------- Software: Wordcircle Sowtware's Web Site: http://www.wordcircle.org/ Versions: 2.17 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...
EV0027.txt
New eVuln Advisory: Wordcircle Authentication Bypass --------------------Summary---------------- Software: Wordcircle Sowtware's Web Site: http://www.wordcircle.org/ Versions: 2.17 Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched Exploit: Available Solution: Not...
CVE-2006-0205
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to 1 execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php involving vlogin.php and suser.php and 2 have other unknown impact via certain other fields in...
Sql injection
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to 1 execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php involving vlogin.php and suser.php and 2 have other unknown impact via certain other fields in...
CVE-2006-0204
Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...
CVE-2006-0205
CVE-2006-0205 covers multiple SQL injection vulnerabilities in Wordcircle 2.17. The documented vectors include: (1) bypassing authentication and executing arbitrary SQL via the password field in the login action to index.php (involving v_login.php and s_user.php); and (2) additional, unspecified ...
CVE-2006-0205
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to 1 execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php involving vlogin.php and suser.php and 2 have other unknown impact via certain other fields in...
CVE-2006-0204
Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...
CVE-2006-0204
CVE-2006-0204 affects Wordcircle 2.17. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the “Course name” field in index.php when the frm parameter has the value “mine,” and possibly additional field...
[eVuln] Wordcircle Authentication Bypass
New eVuln Advisory: Wordcircle Authentication Bypass --------------------Summary---------------- Software: Wordcircle Sowtware's Web Site: http://www.wordcircle.org/ Versions: 2.17 Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched Exploit: Available Solution: Not...
[eVuln] Wordcircle Multiple SQL Injection & XSS Vulnerabilities
New eVuln Advisory: Wordcircle Multiple SQL Injection & XSS Vulnerabilities --------------------Summary---------------- Software: Wordcircle Sowtware's Web Site: http://www.wordcircle.org/ Versions: 2.17 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...