Show filters
118 Total Results
Displaying 101-110 of 118
Sort by:
Attacker Value
Unknown

CVE-2006-3514

Disclosure Date: July 11, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters.
0
0
Attacker Value
Unknown

CVE-2006-2586

Disclosure Date: May 25, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the HTTP_REFERER header in an HTTP request.
0
0
Attacker Value
Unknown

CVE-2006-2558

Disclosure Date: May 24, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.
0
0
Attacker Value
Unknown

CVE-2006-2157

Disclosure Date: May 03, 2006 (last updated October 04, 2023)
SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". NOTE: This is a different vulnerability than CVE-2005-4246.
0
0
Attacker Value
Unknown

CVE-2006-1791

Disclosure Date: April 14, 2006 (last updated October 04, 2023)
Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails.
0
0
Attacker Value
Unknown

CVE-2006-0311

Disclosure Date: January 19, 2006 (last updated February 22, 2025)
SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter.
0
0
Attacker Value
Unknown

CVE-2006-0312

Disclosure Date: January 19, 2006 (last updated February 22, 2025)
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.
0
0
Attacker Value
Unknown

CVE-2006-0310

Disclosure Date: January 19, 2006 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag.
0
0
Attacker Value
Unknown

CVE-2006-0209

Disclosure Date: January 14, 2006 (last updated February 22, 2025)
SQL injection vulnerability in general_functions.php in TankLogger 2.4 allows remote attackers to execute arbitrary SQL commands via the (1) livestock_id parameter to showInfo.php and (2) tank_id parameter, possibly to livestock.php.
0
0
Attacker Value
Unknown

CVE-2005-4785

Disclosure Date: December 31, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section.
0
0
View More Topics  < Previous  Next >