Searching merchants indexphp software vulnerabilities

SQL injection vulnerability in sql.cls.php in I

vulnerability | sqlclsphp | injection | Board | SQL |

SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows remote attackers to modify SQL queries, as demonstrated using the f parameter to index.php.


Cross-site scripting (XSS) vulnerability in Cut

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php.


Unspecified vulnerability in the administration

administration | authentication | vulnerability | Unspecified | attackers | interface | indexphp | vectors | bypass | allows | remote | Links | Uresk | Lite | via |

Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php.


SQL injection vulnerability in merchants/index.

merchants/indexphp | vulnerability | Affiliate | injection | Post | Pro | SQL |

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder parameter.


merchants/index.php in Post Affiliate Pro 2.0.4

merchants/indexphp | Affiliate | Post | Pro |

merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.


Cross-site scripting (XSS) vulnerability in blo

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows remote attackers to inject arbitrary web script or HTML via the u parameter to index.php.


PHP remote file include vulnerability in Marmar

vulnerability | E-commerce | MarmaraWeb | attackers | parameter | arbitrary | indexphp | include | execute | remote | allows | page | file | code | PHP | via |

PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php.


Directory traversal vulnerability in include.ph

vulnerability | otherTemplate | Classifieds | includephp | attackers | parameter | arbitrary | Directory | traversal | indexphp | include | remote | allows | Noah's | local | files | via |

Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.


SQL injection vulnerability in the sondages mod

vulnerability | injection | indexphp | sondages | PwsPHP | module | SQL |

SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.


Cross-site scripting (XSS) vulnerability in Cut

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php.


Eval injection vulnerability in cal.php in Ligh

vulnerability | injection | Calendar | Weight | calphp | Light | Eval |

Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php.


SQL injection vulnerability in the Calendar mod

vulnerability | nuked-klan | injection | Calendar | module | SQL |

SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.


The frontpage option in Limbo CMS 1.0.4.2 and 1

frontpage | option | Limbo | CMS |

The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.


SQL injection vulnerability in member.php in Cl

vulnerability | parameter | attackers | arbitrary | injection | memberphp | indexphp | commands | execute | Clansys | showid | member | remote | allows | page | SQL | via |

SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.


SQL injection vulnerability, possibly in search

vulnerability | searchincphp | Open-Realty | injection | possibly | SQL |

SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attackers to execute arbitrary SQL commands via the sorttype parameter to index.php.


Directory traversal vulnerability in script.php

vulnerability | arbitrary | attackers | scriptphp | traversal | Directory | Gallery | Wabbit | remote | allows | files | read | via | PHP |

Directory traversal vulnerability in script.php in Wabbit PHP Gallery 0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to index.php.


SQL injection vulnerability in inc/header.inc.p

inc/headerincphp | board[styleid] | vulnerability | 30b284-php5 | parameter | attackers | arbitrary | injection | ThWboard | commands | indexphp | earlier | execute | allows | remote | SQL | via |

SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84-php5 and earlier allows remote attackers to execute arbitrary SQL commands via the board[styleid] parameter to index.php.


SQL injection vulnerability in projects.php in

vulnerability | projectsphp | parameter | arbitrary | attackers | injection | commands | indexphp | execute | LightRO | allows | remote | SQL | CMS | via |

SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter to index.php.


SQL injection vulnerability in includes/rating.

includes/ratingphp | vulnerability | injection | Project | SQL |

SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to inject arbitrary web script or HTML via vectors in (a) merchants/index.php, including the (1) id or (2) msg parameter in a programedit action; the (3) pgmid parameter in an uploadProducts action; the (4) d, (5) m, or (6) y parameter in a daily action; the (7) err parameter in a ProgramReport action; the (8) i, (9) txtto, (10) txtfrom, or (11) programs parameter in a LinkReport action; or the (12) msg parameter in an add_money action; and one vector in (b) merchants/temp.php using (13) the rowid parameter. NOTE: vector 7 might overlap CVE-2005-3795.1.


Software vulnerabilities results 1 to 20 of 186     
Page: 12345...10