Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2012-09-23 CVE-2012-5105 Cross-Site Scripting vulnerability in Sqlitemanager 1.2.4
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php.
4.3

2012-09-23 CVE-2012-5104 Cross-Site Scripting vulnerability in Ubbcentral Ubb.Threads
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
network
ubbcentral CWE-79
4.3

2012-09-23 CVE-2012-5103 Cross-Site Scripting vulnerability in Dnelubin Gelinsguestbook 0.3.1
Multiple cross-site scripting (XSS) vulnerabilities in action/add-submit.php in Ggb Guestbook 0.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url or (2) message parameter.
network
dnelubin CWE-79
4.3

2012-09-23 CVE-2012-5102 Cross-Site Scripting vulnerability in Dariusz Handzlik Vertrigoserv 2.25
Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter.
4.3

2012-09-23 CVE-2012-5101 SQL Injection vulnerability in Jextensions JE Poll Component
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
jextensions joomla CWE-89
7.5

2012-09-23 CVE-2012-5100 Path Traversal vulnerability in Luizpicanco Hserver 0.1.1
Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.
network
low complexity
luizpicanco CWE-22
5.0

2012-09-23 CVE-2012-5099 Cross-Site Scripting vulnerability in PHPb2B
Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
network
phpb2b CWE-79
4.3

2012-09-23 CVE-2012-5098 SQL Injection vulnerability in J Waite PHP-X-Links 0.1/1.0
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
network
low complexity
j-waite CWE-89
7.5

2012-09-23 CVE-2011-5201 SQL Injection vulnerability in Steveyolam Tinyguestbook 10.2010
Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters.
network
low complexity
steveyolam CWE-89
7.5

2012-09-23 CVE-2011-5200 SQL Injection vulnerability in Dedecms 5.6
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
network
low complexity
dedecms CWE-89
7.5