Show filters
21 Total Results
Displaying 11-20 of 21
Sort by:
Attacker Value
Unknown

CVE-2007-4094

Disclosure Date: July 30, 2007 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the login_form parameter, a different vector than CVE-2006-3776.
0
Attacker Value
Unknown

CVE-2006-4895

Disclosure Date: September 19, 2006 (last updated October 04, 2023)
IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php.
0
Attacker Value
Unknown

CVE-2006-4894

Disclosure Date: September 19, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.
0
Attacker Value
Unknown

CVE-2006-4883

Disclosure Date: September 19, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php.
0
Attacker Value
Unknown

CVE-2006-4884

Disclosure Date: September 19, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
0
Attacker Value
Unknown

CVE-2006-4741

Disclosure Date: September 13, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.
0
Attacker Value
Unknown

CVE-2006-4742

Disclosure Date: September 13, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
0
Attacker Value
Unknown

CVE-2006-4747

Disclosure Date: September 13, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error parameter in error.php.
0
Attacker Value
Unknown

CVE-2006-3777

Disclosure Date: July 24, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
0
Attacker Value
Unknown

CVE-2006-3776

Disclosure Date: July 24, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
0