Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified
Published
Dec 30, 2010
SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote attackers to inject arbitrary web script or HTML via the rev param
SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes
Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php in the FeedList plugin 2.61.01 for WordPress allows remote attackers to inject
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parame
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via t
Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.p
SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article paramete
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1
Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote att
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict uid values for group join requests, which allows remote attackers to cause a denia
member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain superfluous call to the SQL COUNT function, which allows remote attackers to ca
Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) before 1.4.12 allows remote attackers to hijack the authe
The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly use the PHP mt_rand function, which makes it easie
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remo
MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arb