Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsContacts 1.0 issue is covered in CVE-2008-2037. Date published...
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220. Date published : 2009-07-24 http://www.securityfocus.com/bid/25884 http://marc.info/?l=bugtraq&m=122901307932738&w=2
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp. Date published : 2009-07-24 http://www.securityfocus.com/bid/32812...
Cross-site scripting (XSS) vulnerability in productSearch.html in Censura 2.0.4 and 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a ProductSearch action. Date published : 2009-07-24 http://www.securityfocus.com/bid/35920...
Cross-site scripting (XSS) vulnerability in censura.php in Censura 1.16.04 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter in a details action. Date published : 2009-07-24 http://www.securityfocus.com/bid/35637 http://www.exploit-db.com/exploits/9129
SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action. Date published : 2009-07-24 http://www.securityfocus.com/bid/35637 http://www.exploit-db.com/exploits/9129
SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter. Date published : 2009-07-24 http://www.exploit-db.com/exploits/9197 https://exchange.xforce.ibmcloud.com/vulnerabilities/51827
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php. Date published : 2009-07-24 http://www.securityfocus.com/bid/35744 http://www.exploit-db.com/exploits/9217
SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. Date published : 2009-07-24 http://packetstormsecurity.org/0907-exploits/hutscript-sqlxss.txt http://osvdb.org/56175
Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php. Date published...
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php. Date...
Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to assets/js/ddcart.php, the (2) prefix parameter to includes/ajax/getstate.php, the search parameter to...
Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP EZArticles allows remote attackers to inject arbitrary web script or HTML via the title parameter. Date published : 2009-07-24 http://packetstormsecurity.org/0907-exploits/ezarticles-xss.txt http://osvdb.org/56002
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731. Date published : 2009-07-24...