Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. Date published : 2009-02-27 http://sourceforge.net/project/shownotes.php?group_id=145255&release_id=640914 http://osvdb.org/49893
SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action. Date published : 2009-02-27 http://www.securityfocus.com/bid/32362 https://www.exploit-db.com/exploits/7160
SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these...
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2009-02-27 http://www.securityfocus.com/bid/29700 https://www.exploit-db.com/exploits/5797
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. Date published : 2009-02-27 https://www.exploit-db.com/exploits/7397 https://exchange.xforce.ibmcloud.com/vulnerabilities/47196
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this information is unknown; the details...
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter...
SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. Date published : 2009-02-27 http://www.securityfocus.com/bid/32767 https://www.exploit-db.com/exploits/7416
SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. Date published : 2009-02-27 http://www.securityfocus.com/bid/32767 https://www.exploit-db.com/exploits/7414
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. Date published : 2009-02-27 http://www.securityfocus.com/bid/32768 https://www.exploit-db.com/exploits/7415
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request. Date published : 2009-02-27...
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. Date published : 2009-02-27 http://www.securityfocus.com/bid/32765 https://www.exploit-db.com/exploits/7412
SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. Date published : 2009-02-27 http://www.securityfocus.com/bid/32766 https://www.exploit-db.com/exploits/7413
PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317. Date published :...