SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18270 http://pridels0.blogspot.com/2006/06/particle-gallery-sql-inj.html
SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18273 http://pridels0.blogspot.com/2006/06/particle-wiki-sql-inj.html
PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE:...
** DISPUTED ** PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php....
SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18254 http://www.securityfocus.com/archive/1/435867/100/0/threaded
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action (viewarticleaction.class.php). Date published : 2006-06-06 http://www.securityfocus.com/bid/18264 http://www.securityfocus.com/archive/1/435874/100/0/threaded
ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The...
SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18262 http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt
SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows remote attackers to execute arbitrary SQL commands via the offset parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18256 http://downloads.securityfocus.com/vulnerabilities/exploits/iBWD_poc.txt
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18218 http://downloads.securityfocus.com/vulnerabilities/exploits/abarcar_sql_poc.txt
PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter in (1) index.php, (2)...
Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using...
Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP Labware LabWiki 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the help parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18267 http://pridels0.blogspot.com/2006/06/labwiki-xss-vuln.html
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter. Date published : 2006-06-06 http://www.securityfocus.com/bid/18234 http://www.securityfocus.com/archive/1/435728/100/0/threaded