SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32835 https://www.exploit-db.com/exploits/7474
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32859 https://www.exploit-db.com/exploits/7489
SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32846 https://www.exploit-db.com/exploits/7480
Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter...
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32853 https://www.exploit-db.com/exploits/7482
Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter...
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb. Date published...
Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp. Date published...
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32820 https://www.exploit-db.com/exploits/7451
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. Date published : 2008-12-30 http://www.securityfocus.com/bid/32820 https://www.exploit-db.com/exploits/7451
Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer before 6.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) folder parameter to mailCompose.php or the (2) daytime parameter to calendarEdit.php....
SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32848 https://www.exploit-db.com/exploits/7479
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32883 https://www.exploit-db.com/exploits/7495
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2008-12-30 http://www.securityfocus.com/bid/32858 https://www.exploit-db.com/exploits/7487