4 matches found
CVE-2007-2600
CVE-2007-2600 involves multiple reflected XSS vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via: (1) the catFile parameter to browseCat.php or browseSubCat.php; (2) the id parameter to openTutori...
CVE-2007-2822
TutorialCMS
CVE-2008-0254
CVE-2008-0254 is a SQL injection vulnerability in TutorialCMS (Photoshop Tutorials) 1.02, affecting activate.php. When magic_quotes_gpc is disabled, remote attackers can inject SQL via the userName parameter. Documented impact is partial confidentiality/integrity/availability with CVSS 2.0 base s...
CVE-2007-2599
TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier contains multiple SQL injection vulnerabilities. The affected components include (1) catFile parameter for browseCat.php and browseSubCat.php, (2) id parameter for openTutorial.php, topFrame.php, and admin/editListing.php, and (3) the search ...