93 matches found
CVE-2006-3821
Multiple cross-site scripting XSS vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the 1 lang parameter in a indexlist.php and 2 year, 3 month, and 4 day parameter in b registration.php...
DEBIAN-CVE-2006-3682
awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the 1 year, 2 pluginmode or 3 month parameters...
CVE-2005-2461
Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the 1 year or 2 date parameter...
Sql injection
SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in 1 index.cgi and 2 viewday.cgi...
CVE-2006-0573
Multiple cross-site scripting XSS vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to a editquota.html or b dodelpop.html; 2 showtree parameter to c diskusage.html; or the 3 mon, 4 year, 5 target, or 6 domain parameter ...
Cross site scripting
Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...
CVE-2006-0333
Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...
Sql injection
SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters...
CVE-2005-1866
Cross-site scripting XSS vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter...
CVE-2005-1634
Multiple cross-site scripting XSS vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 anzahlbeitraege parameter to jgsportal.php, 2 year parameter to jgsportalstatistik.php, 3 year parameter to jgsportalbeitraggraf.php, 4...
CVE-2005-1500
Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via 1 the keyword parameter in search.php; or 2 the dateno parameter in viewdate mode, 3 the catid parameter in viewcat mode, the 4 monthno or 5 year parameter in viewmonth mode, or ...
CVE-2003-1536
Multiple cross-site scripting XSS vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the q parameter to search.php and 2 the year parameter to calendar.php...