Show filters
836 Total Results
Displaying 811-820 of 836
Sort by:
Attacker Value
Unknown

CVE-2008-0838

Disclosure Date: February 20, 2008 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page.
0
0
Attacker Value
Unknown

CVE-2008-0714

Disclosure Date: February 12, 2008 (last updated October 04, 2023)
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.
0
0
Attacker Value
Unknown

CVE-2007-5688

Disclosure Date: October 29, 2007 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
0
0
Attacker Value
Unknown

CVE-2007-5677

Disclosure Date: October 24, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote attackers to inject arbitrary web script or HTML via the go_shout parameter.
0
0
Attacker Value
Unknown

CVE-2007-4846

Disclosure Date: September 12, 2007 (last updated October 04, 2023)
SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik go action.
0
0
Attacker Value
Unknown

CVE-2007-4369

Disclosure Date: August 15, 2007 (last updated October 04, 2023)
Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
0
0
Attacker Value
Unknown

CVE-2007-1083

Disclosure Date: February 23, 2007 (last updated October 04, 2023)
Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
0
0
Attacker Value
Unknown

CVE-2007-1050

Disclosure Date: February 21, 2007 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the username or (4) the password in a go=Login action.
0
0
Attacker Value
Unknown

CVE-2006-6218

Disclosure Date: December 01, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow remote attackers to execute arbitrary SQL commands via the (1) seite_id, (2) gruppe_id.php, and (3) go_target parameters.
0
0
Attacker Value
Unknown

CVE-2006-6219

Disclosure Date: December 01, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in index.php in dev4u CMS allow remote attackers to inject arbitrary web script or HTML via the (1) user_name, (2) passwort, and (3) go_target parameters.
0
0
View More Topics  < Previous  Next >