3 matches found
CVE-2009-3117
CVE-2009-3117 describes a SQL injection vulnerability in category.php of Snow Hall Silurus System 1.0, where the attacker can craft the ID parameter to execute arbitrary SQL commands. The affected software is Snow Hall Silurus System 1.0; the vulnerable component is category.php. The initial disc...
CVE-2009-4983
CVE-2009-4983 affects Silurus Classifieds 1.0 with multiple XSS flaws that allow remote attackers to inject arbitrary script/HTML via ID parameters in category.php and wcategory.php, and the keywords parameter in search.php. The connected sources corroborate the issue across Red Hat, NVD, and CVE...
CVE-2009-3082
The vulnerability CVE-2009-3082 affects Snow Hall Silurus System 1.0, specifically the wcategory.php component. The issue is described as a SQL injection via the ID parameter, enabling remote attackers to execute arbitrary SQL commands. The report does not provide details on affected versions bey...