SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32171 https://www.exploit-db.com/exploits/7036
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information....
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this information is unknown; the details are obtained...
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32328 https://www.exploit-db.com/exploits/7138
SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32340 https://www.exploit-db.com/exploits/7148
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32329 https://www.exploit-db.com/exploits/7141
SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to...
SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module. Date published : 2009-02-24 http://www.securityfocus.com/bid/32322 https://www.exploit-db.com/exploits/7137
SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022. Date published : 2009-02-24 http://www.securityfocus.com/archive/1/498369/100/0/threaded http://www.waraxe.us/advisory-68.html
Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the...
SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32337 https://www.exploit-db.com/exploits/7144
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter. Date published : 2009-02-24...
Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option. Date published : 2009-02-24 http://www.securityfocus.com/bid/32252 http://www.macupdate.com/info.php/id/23049
PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. Date published : 2009-02-24 http://www.securityfocus.com/bid/32335 http://scripts.ishallnotcare.org/2008/11/18/phpfan-335-security-release-important/