SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29671 https://www.exploit-db.com/exploits/5787
PHP remote file inclusion vulnerability in authentication/smf/smf.functions.php in Simple Machines phpRaider 1.0.6 and 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[smf_path] parameter. Date published : 2008-06-18 http://www.securityfocus.com/archive/1/493275/100/0/threaded...
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via unspecified vectors ("all fields"). Date published :...
SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2
Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gallery.asp. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672...
SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors ("all fields"). Date published : 2008-06-18 http://www.securityfocus.com/bid/29672...
SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2
SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2
Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in (1) searchbanners.asp and (2) listadvertisers.asp, and...
SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2
Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp...
Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) pblname and (2) text parameters to (a) admin/search.asp,...
SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. Date published : 2008-06-18 http://www.securityfocus.com/bid/29672 http://marc.info/?l=bugtraq&m=121322052622903&w=2