8 matches found
EUVD-2006-0212
Malware in sbrugna...
EUVD-2006-0213
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to 1 execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php involving vlogin.php and suser.php and 2 have other unknown impact via certain other fields in...
CVE-2006-0204
Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...
CVE-2006-0205
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to 1 execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php involving vlogin.php and suser.php and 2 have other unknown impact via certain other fields in...
CVE-2006-0204
CVE-2006-0204 affects Wordcircle 2.17. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the “Course name” field in index.php when the frm parameter has the value “mine,” and possibly additional field...
CVE-2006-0205
CVE-2006-0205 covers multiple SQL injection vulnerabilities in Wordcircle 2.17. The documented vectors include: (1) bypassing authentication and executing arbitrary SQL via the password field in the login action to index.php (involving v_login.php and s_user.php); and (2) additional, unspecified ...
CVE-2006-0204
Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...