Show filters
51 Total Results
Displaying 41-50 of 51
Sort by:
Attacker Value
Unknown

CVE-2007-3119

Disclosure Date: June 07, 2007 (last updated October 04, 2023)
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
0
0
Attacker Value
Unknown

CVE-2007-2887

Disclosure Date: May 30, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page.
0
0
Attacker Value
Unknown

CVE-2007-0305

Disclosure Date: January 18, 2007 (last updated October 04, 2023)
SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon Sistemi 4.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
Attacker Value
Unknown

CVE-2007-0304

Disclosure Date: January 18, 2007 (last updated October 04, 2023)
SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
Attacker Value
Unknown

CVE-2006-6739

Disclosure Date: December 26, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689.
0
0
Attacker Value
Unknown

CVE-2006-6689

Disclosure Date: December 21, 2006 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2006-6642

Disclosure Date: December 20, 2006 (last updated October 04, 2023)
SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
Attacker Value
Unknown

CVE-2006-1021

Disclosure Date: March 07, 2006 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable).
0
0
Attacker Value
Unknown

CVE-2005-2204

Disclosure Date: July 11, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in Computer Associates (CA) eTrust SiteMinder 5.5, when the "CSSChecking" parameter is set to "NO," allows remote attackers to inject arbitrary web script or HTML via the (1) PASSWORD or (2) BUFFER parameters to smpwservicescgi.exe, (3) the TARGET parameter to login.fcc, and possibly other vectors.
0
0
Attacker Value
Unknown

CVE-2001-1455

Disclosure Date: August 24, 2001 (last updated February 22, 2025)
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters.
0
0
View More Topics  < Previous  Next >