searchphp software vulnerabilities

Searching searchphp software vulnerabilities

Cross-site scripting (XSS) vulnerability in Pho

Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch.

Multiple SQL injection vulnerabilities in paFil

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.

Cross-site scripting (XSS) vulnerability in Cut

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via (1) the lastusername parameter to index.php or (2) selected_search_arch parameter to search.php.

Cross-site scripting (XSS) vulnerability in ATu

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php.

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php.

SQL injection vulnerability in KBase Express 1.

SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.

SQL injection vulnerability in WowBB 1.65 allow

vulnerability | injection | WowBB | SQL |

SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181.

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta Friday, December 02, 2005 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php.

Multiple SQL injection vulnerabilities in Saral

Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058.

Multiple SQL injection vulnerabilities in Power

Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

Multiple SQL injection vulnerabilities in Grega

Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.

Cross-site scripting (XSS) vulnerability in Ope

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php.

SQL injection vulnerability in Dating Agent PRO

SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the (1) pid parameter in picture.php, (2) mid parameter in mem.php, and the (3) sex and (4) relationship parameters in search.php.

Cross-site scripting (XSS) vulnerability in Dat

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in (1) webmaster/index.php and (2) search.php.

Multiple SQL injection vulnerabilities in Belch

Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to (a) gbrowse.php, (2) card_id parameter to (b) rating.php and (c) create.php, and the (3) event_id parameter to (d) search.php.

Software vulnerabilities results 1 to 20 of 37

Page: 12 ►

searchphp software vulnerabilities

vulnerabilities.aspcode.net

Searching searchphp software vulnerabilities

Cross-site scripting (XSS) vulnerability in Pho

Multiple SQL injection vulnerabilities in paFil

Cross-site scripting (XSS) vulnerability in Cut

Cross-site scripting (XSS) vulnerability in ATu

Multiple cross-site scripting (XSS) vulnerabili

Multiple cross-site scripting (XSS) vulnerabili

SQL injection vulnerability in KBase Express 1.

SQL injection vulnerability in WowBB 1.65 allow

Multiple cross-site scripting (XSS) vulnerabili

Multiple SQL injection vulnerabilities in Saral

Multiple SQL injection vulnerabilities in Power

Multiple SQL injection vulnerabilities in Grega

Cross-site scripting (XSS) vulnerability in Ope

SQL injection vulnerability in Dating Agent PRO

Cross-site scripting (XSS) vulnerability in Dat

Multiple SQL injection vulnerabilities in Belch

Multiple SQL injection vulnerabilities in Olate

Multiple cross-site scripting (XSS) vulnerabili

Multiple SQL injection vulnerabilities in Alstr

Multiple SQL injection vulnerabilities in Multi