RSS   Vulnerabilities for 'Pro publish'   RSS

2006-06-05
 
CVE-2006-2821

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts Pro Publish allow remote attackers to inject arbitrary web script or HTML via the (1) artid parameter in art.php and the (2) catname parameter in cat.php.

 
2006-05-01
 
CVE-2006-2129

 

 
Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php.

 
 
CVE-2006-2128

CWE-89
 

 
Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameter to (a) admin/login.php, (3) find_str parameter to (b) search.php, or (4) artid parameter to (c) art.php, or (5) catid parameter to (d) cat.php.

 

 >>> Vendor: Deltascripts 6 Products
Php classifieds
Pro publish
Php manualmaker
Php pro publish
Php links
Php shop


Copyright 2024, cxsecurity.com

 

Back to Top