userphp software vulnerabilities
vulnerabilities.aspcode.net
Searching userphp software vulnerabilities
Multiple cross-site scripting vulnerabilities i
vulnerabilities
|
cross-site
|
arbitrary
|
attackers
|
scripting
|
0760-RC3
|
Multiple
|
PostNuke
|
script
|
inject
|
remote
|
allow
|
HTML
|
via
|
web
|
Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) module parameter to admin.php or (2) op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced for 760 RC3, or for .750. However, the op/user.php issue exists when the pnAntiCracker setting is disabled.
SQL injection vulnerability in Primo Cart 1.0 a
vulnerability
|
arbitrary
|
attackers
|
injection
|
commands
|
earlier
|
execute
|
remote
|
allows
|
Primo
|
Cart
|
via
|
SQL
|
SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php.
Interpretation conflict in PostNuke 0.761 and e
Interpretation
|
PostNuke
|
conflict
|
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "<" character, which is interpreted as a ">" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInput function in pnAntiCracker.php, and (3) the htmltext parameter in an edituser operation to user.php.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the (1) Titlesitename or (2) sitename parameter to (a) header.php, (3) nuke_url parameter to (b) meta/meta.php, (4) forum parameter to (c) viewforum.php, (5) post_id, (6) forum, (7) topic, or (8) arbre parameter to (d) editpost.php, or (9) uname or (10) email parameter to (e) user.php.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entryid parameter in comment.php, (2) page parameter in index.php, or the (3) uid parameter in user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Software vulnerabilities results 1 to 7 of 7
Page:
1