Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to inject arbitrary web script or HTML via the image parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17874 http://www.securityfocus.com/archive/1/433250/100/0/threaded
PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17886 https://www.exploit-db.com/exploits/1763
Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Date published : 2006-05-09 http://www.securityfocus.com/bid/17885 http://drupal.org/node/62406
SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17892 http://www.osvdb.org/25447
Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17892 http://www.osvdb.org/25446
Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 allows remote attackers to inject arbitrary web script or HTML via the curr_year parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17891 http://www.osvdb.org/25341
PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17888 https://www.exploit-db.com/exploits/1764
Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or...
Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters. Date published : 2006-05-09 http://www.securityfocus.com/bid/17881 http://blacksecurity.org/exploits/38/FILECOPA_V1.01_and_Below_Pre_Authentication_Remote_Overflow/111.html
PHP remote file inclusion vulnerability in visible_count_inc.php in Statit 4 (060207) allows remote attackers to execute arbitrary PHP code via a URL in the statitpath parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17887 https://www.exploit-db.com/exploits/1752
Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17860 http://www.securityfocus.com/archive/1/433120/100/0/threaded
SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter. Date...
CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message. Date published : 2006-05-09 http://www.securityfocus.com/archive/1/433058/100/0/threaded http://www.osvdb.org/25305
Multiple cross-site scripting (XSS) vulnerabilities in search.php in CuteNews 1.4.1 and earlier, and possibly 1.4.5, allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) story, or (3) title...