SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already covered by CVE-2008-4460. Date published :...
SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/alibaba30-sql.txt http://secunia.com/advisories/36845
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/bpholidaylettings-sql.txt http://secunia.com/advisories/36833
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/bpmusic-sql.txt http://secunia.com/advisories/36824
SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/bpstudent-sql.txt http://osvdb.org/58293
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/bpgames-sql.txt...
SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. Date published : 2009-09-30 http://antisecurity.org/bplawyercasedocument-1-0-mssql-vulnerabilities.antisecurity http://secunia.com/advisories/36796
SQL injection vulnerability in php/update_article_hits.php in HBcms 1.7 allows remote attackers to execute arbitrary SQL commands via the article_id parameter. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/hbcms-sql.txt http://secunia.com/advisories/36854
SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2009-09-30 http://www.packetstormsecurity.org/0909-exploits/realestaterealtors-sql.txt http://secunia.com/advisories/36812
Cross-site scripting (XSS) vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the mag_id parameter. Date published : 2009-09-30 http://www.securityfocus.com/bid/36487 http://antisecurity.org/dvd-zone-view_mag-phpmag_id-bsqlxss-multiple-remote-vulnerabilities.antisecurity
SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. Date published : 2009-09-30 http://www.securityfocus.com/bid/36487 http://antisecurity.org/dvd-zone-view_mag-phpmag_id-bsqlxss-multiple-remote-vulnerabilities.antisecurity
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name...
Multiple cross-site scripting (XSS) vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) scrivi.php and (2) index.php. Date published : 2009-09-30 http://packetstormsecurity.org/0909-exploits/paobacheca-xss.txt...
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php...
