SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2005-12-20 http://www.securityfocus.com/bid/15964 http://pridels0.blogspot.com/2005/12/e-publish-cms-vuln.html
Cross-site scripting (XSS) vulnerability in damoon allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. Date published : 2005-12-20 http://www.securityfocus.com/bid/15949 http://pridels0.blogspot.com/2005/12/damoon-xss-vuln.html
SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter. Date published : 2005-12-20 http://www.securityfocus.com/bid/15956 http://pridels0.blogspot.com/2005/12/contentserv-31-sql-inj.html
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers. Date published :...
search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced, and (8) intern...
Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter. Date published : 2005-12-19 http://www.securityfocus.com/bid/15943 http://pridels0.blogspot.com/2005/12/contens-searchcfm-multiple-input.html
Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2005-12-19 http://www.securityfocus.com/bid/15942 http://pridels0.blogspot.com/2005/12/contenite-xss-vuln.html
Cross-site scripting (XSS) vulnerability in Colony CMS 2.75 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. Date published : 2005-12-19 http://www.securityfocus.com/bid/15941 http://pridels0.blogspot.com/2005/12/colony-cms-xss-vuln.html
Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. Date published : 2005-12-19 http://www.securityfocus.com/bid/15940 http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm. Date published : 2005-12-19 http://pridels0.blogspot.com/2005/12/community-enterprise-4x-multiple-vuln.html...
Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the (1) presentationSite, (2) docPublishYear, (3) docDescription, (4) publishState, (5) docAuthor, (6)...
SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the (1) nodeID, (2) pageID, (3) ID, and (4) parentid parameter to index.cfm; and (5) documentFormatId parameter...
Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 Beta 1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fileDN and (2) folderviewer_attrs parameters. Date published :...
Multiple SQL injection vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to execute arbitrary SQL commands via the (1) sort_mode parameter to (a) fisheye/list_galleries.php, (b) messages/message_box.php, and (c) users/my.php; the (2) post_id...