** DISPUTED ** scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field...
SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. Date published : 2008-05-28 http://www.securityfocus.com/bid/29307 https://www.exploit-db.com/exploits/5659
SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047. Date published : 2008-05-27 http://www.securityfocus.com/bid/29319 https://www.exploit-db.com/exploits/5661
SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action. Date published : 2008-05-27 http://www.securityfocus.com/bid/29293 http://www.securityfocus.com/archive/1/492290/100/0/threaded
Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. Date published : 2008-05-27 http://www.securityfocus.com/bid/29306 https://www.exploit-db.com/exploits/5655
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter. Date published : 2008-05-27 http://www.securityfocus.com/bid/29295 http://www.securityfocus.com/archive/1/492264/100/0/threaded
SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. Date published : 2008-05-27 http://www.securityfocus.com/bid/29308 https://www.exploit-db.com/exploits/5660
SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter. Date published : 2008-05-27 http://www.securityfocus.com/bid/29301 http://www.comicshout.com/
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter. Date published : 2008-05-27 http://www.securityfocus.com/bid/29181 https://www.exploit-db.com/exploits/5604
SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. Date published : 2008-05-27 http://www.securityfocus.com/bid/29144 http://www.securityfocus.com/archive/1/491943/100/0/threaded
Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php. Date published : 2008-05-27 http://www.securityfocus.com/bid/29169 https://www.exploit-db.com/exploits/5599
Cross-site scripting (XSS) vulnerability in the Questionaire (aka pbsurvey) extension 1.2.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2008-05-27 http://typo3.org/teams/security/security-bulletins/typo3-20080513-2 https://exchange.xforce.ibmcloud.com/vulnerabilities/42365
Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2008-05-27 http://typo3.org/teams/security/security-bulletins/typo3-20080513-4 https://exchange.xforce.ibmcloud.com/vulnerabilities/42368
Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2008-05-27 http://typo3.org/teams/security/security-bulletins/typo3-20080513-4...