2008.08.21
Multiple vulnerabilities have been identified in Mambo 4.6.2 which could lead to SQL injections, cross-site scripting, cross-site request forgery attacks, spamming and brute forcing administrator access.
2006.12.05
A vulnerability was reported in aBitWhizzy. A remote user can include and execute local files on the target system.
2006.11.24
A vulnerability was reported in JiRo's Link Manager. A remote user can injection SQL commands. A remote user can conduct cross-site scripting attacks.
2006.11.21
Multiple vulnerabilities have been identified in SoftAcid Link Exchange Lite, which could be exploited by remote attackers to execute arbitrary SQL commands. These flaws are due to input validation errors in the "search.asp" and "linkslist.asp" scripts that do not validate the "url" and "psearch" parameters before being used in SQL statements, which could be exploited by malicious people to conduct SQL injection attacks.
2006.11.21
Multiple input validation vulnerabilities in CreaDirectory have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.21
Multiple input validation vulnerabilities in Classified System 2004 have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.20
Multiple input validation vulnerabilities in Rialto have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.20
Multiple input validation vulnerabilities in Enthrallweb eHomes have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.19
Multiple input validation vulnerabilities in The Classifieds Ad System have been reported, which can be exploited by remote users conduct SQL injection and cross-site scripting vulnerabilities.
2006.11.19
Multiple input validation vulnerabilities in Rapid Classified have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.19
Multiple input validation vulnerabilities in Enthrallweb eClassifieds have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.18
Multiple input validation vulnerabilities in Vikingboard have been reported, which can be exploited by remote users to disclose certain sensitive information and conduct script insertion attacks.
2006.11.17
Multiple input validation vulnerabilities in BestWebApp Dating Site have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.17
Some vulnerabilities in ASPCart have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.17
Multiple vulnerabilities in 20/20 Auto Gallery have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.16
A vulnerability in phpMyAdmin have been reported, which can be exploited by remote users to conduct cross-site scripting attacks.
2006.11.15
Some vulnerabilities in E-Calendar Pro have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.15
Some vulnerabilities in Dragon Internet Events Listing have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.14
Cross Site Scripting, Manipulation of data
2006.11.14
Some vulnerabilities in Hpecs Shopping Cart, which can be exploited by malicious people to conduct SQL injection attacks.
2006.11.14
Some vulnerabilities in FunkyASP Glossary 1.0, which can be exploited by malicious people to conduct SQL injection attacks.
2006.11.14
Some vulnerabilities in Enthrallweb eShopping Cart have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.14
Some vulnerabilities in E-commerce Kit-1 PayPal Edition, which can be exploited by malicious people to conduct SQL injection attacks.
2006.11.14
Some vulnerabilities in Car Site Manager, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
2006.11.14
Some vulnerabilities in CandyPress Store have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.14
Some vulnerabilities in BlogMe, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
2006.11.14
Two vulnerabilities in A+ Store E-Commerce have been reported, which can be exploited by remote users to conduct SQL injection and cross-site scripting attacks.
2006.11.13
Two input validation vulnerabilities in myStats have been reported, which can be exploited by remote users to conduct SQL injection and cross-site scripting attacks.
2006.11.12
Two vulnerabilities in INFINICART have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.10
Multiple vulnerabilities in OmniStar Article have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.09
Multiple input validation vulnerabilities in Wheatblog have been reported, which can be exploited by remote users or users to conduct script insertion attacks.
2006.11.09
Two vulnerabilities in SpeedyWiki have been reported, which can be exploited by remote users to compromise a vulnerable system and to conduct cross-site scripting attacks.
2006.11.09
Multiple vulnerabilities in Landshop have been reported, which can be exploited by remote users to conduct cross-site scripting and SQL injection attacks.
2006.11.09
Two vulnerabilities in FreeWebshop.org Script have been reported, which can be exploited by remote users to disclose sensitive information or conduct cross-site scripting attacks.
2006.11.09
Two input validation vulnerabilities in bitweaver have been reported, which can be exploited by remote users to conduct SQL injection and cross-site scripting attacks.
2006.11.09
Multiple vulnerabilities in All In One Control Panel (AIOCP) have been reported, which can be exploited by remote users to conduct SQL injection attacks or cross-site scripting attacks.
2006.11.08
SQL Injection allowing hacker to bypass login authentification and cross site scripting attacks
2006.11.08
Some vulnerabilities in Abarcar Realty Portal have been reported, which can be exploited by remote users to conduct SQL injection attacks.
2006.11.06
A vulnerability was reported in If-CMS. A remote user can conduct cross-site scripting attacks.