PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter. Date published : 2009-03-02 http://www.securityfocus.com/bid/32619 https://www.exploit-db.com/exploits/7335
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter). Date published : 2009-03-02 http://www.securityfocus.com/bid/32599 http://packetstormsecurity.org/0812-exploits/jbook-disclosesql.txt
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb. Date published : 2009-03-02 http://packetstormsecurity.org/0812-exploits/jbook-disclosesql.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/47034
CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb. Date published : 2009-03-02 https://www.exploit-db.com/exploits/7325...
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments." Date published : 2009-03-02 http://www.securityfocus.com/bid/32611 http://www.nagios.org/development/history/nagios-3x.php
SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained...
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). Date published : 2009-03-02 http://www.securityfocus.com/bid/32508 https://www.exploit-db.com/exploits/7254
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter. Date published : 2009-03-02 http://www.securityfocus.com/bid/32503 https://www.exploit-db.com/exploits/7244
SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. Date published : 2009-03-02 http://www.securityfocus.com/bid/32502 https://www.exploit-db.com/exploits/7244
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter. Date published : 2009-03-02 http://www.securityfocus.com/bid/18195 http://packetstorm.linuxsecurity.com/0811-exploits/chipmunkguestbook-sqlxss.txt
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the...
SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and...
SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass...
SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some...