Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to...
PHP remote file inclusion vulnerability in view_func.php in Member Area System (MAS) 1.7 and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the i parameter. NOTE: a second...
Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via...
PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php and (2) checkout.php. Date published : 2008-01-15...
SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. Date published : 2008-01-15 http://www.securityfocus.com/bid/27286 http://www.securityfocus.com/archive/1/486323/100/0/threaded
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference. Date published : 2008-01-15 http://www.securityfocus.com/bid/27318 http://bugs.gentoo.org/show_bug.cgi?id=204834
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments. Date published : 2008-01-15 http://www.securityfocus.com/bid/27218...
PHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. Date published : 2008-01-15 http://www.securityfocus.com/bid/27226 https://www.exploit-db.com/exploits/4883
SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. Date published : 2008-01-15 http://www.securityfocus.com/bid/27212 https://www.exploit-db.com/exploits/4880
SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter. Date published : 2008-01-15 http://www.securityfocus.com/bid/27220 http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059537.html
SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. Date published : 2008-01-15 http://www.securityfocus.com/bid/27224 http://www.securityfocus.com/archive/1/486090/100/0/threaded
SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. Date published :...
SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action. Date published : 2008-01-15 http://www.securityfocus.com/bid/27277 https://www.exploit-db.com/exploits/4907
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors. Date published : 2008-01-15 http://drupal.org/node/208537 https://exchange.xforce.ibmcloud.com/vulnerabilities/39609