Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2008-7120
Disclosure Date: August 28, 2009 (last updated October 04, 2023)
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
0
Attacker Value
Unknown
CVE-2008-7121
Disclosure Date: August 28, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar.
0
Attacker Value
Unknown
CVE-2008-4378
Disclosure Date: October 01, 2008 (last updated October 04, 2023)
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
Attacker Value
Unknown
CVE-2008-4379
Disclosure Date: October 01, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
0
Attacker Value
Unknown
CVE-2006-7086
Disclosure Date: March 02, 2007 (last updated October 04, 2023)
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.
0
Attacker Value
Unknown
CVE-2005-4041
Disclosure Date: December 06, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string.
0
