Vulnerability DB - Armorize Technologies Inc.

Phone : 1-408-216-7893
Fax : 1-408-583-4288
info@armorize.com
For products and sales
related queries, write to
sales@armorize.com

Redherring.tv: "without security our enterprises can't gain trust" says Armorize COO, Matt Huang. View the interview

RSA 2007: Wayne Huang, CEO of Armorize gave a speech on "Automated Web Application Vulnerability Detection Using Static Analysis" Read More

Armorize Solutions

Security On Demand

Research

News & Events

About Us

Home >> Research >> Vulnerability DB

Vulnerability DB

Search Results (3738) Show All |

Page / 374

CVE Name	Language	Vulnerability type
CVE-2006-3056	PHP	Input Validation Error
Vulnerability type SQL injection vulnerability in language.php in VBZooM 1.01 allows remote attackers to execute arbitrary SQL commands via the Action parameter. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3055	PHP	Input Validation Error
Vulnerability type Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the 1 QuranID 2 ShowByQuranID or 3 Action parameters to meaning.php. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3054	PHP	Input Validation Error
Vulnerability type Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQL commands via the 1 sobjectID or 2 MAINID parameters to a show.php or 3 MainID parameter to b subject.php. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3053	PHP	Input Validation Error
Vulnerability type PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUMhttp_path parameter. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3052	PHP	N/A
Vulnerability type Cross-site scripting XSS vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the 1 event_id parameter to view-event-details.php or 2 select_events parameter to event- registration.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3051	PHP	Input Validation Error
Vulnerability type Cross-site scripting XSS vulnerability in list.php in SixCMS 6.0 and earlier allows remote attackers to inject arbitrary script code or HTML via the page parameter. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3050	PHP	Input Validation Error
Vulnerability type Directory traversal vulnerability in detail.php in SixCMS 6.0 and earlier allows remote attackers to read arbitrary files via a .. dot dot sequence and trailing null 00 byte in the template parameter. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3049	PHP	N/A
Vulnerability type Multiple cross-site scripting XSS vulnerabilities in booking3.php in Mole Group Ticket Booking Script allow remote attackers to inject arbitrary web script or HTML via the 1 name 2 address1 3 address2 4 county 5 postcode 6 email 7 phone or 8 mobile parameters to booking2.php. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3045	PHP	N/A
Vulnerability type PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter. Read full details

CVE Name	Language	Vulnerability type
CVE-2006-3042	PHP	N/A
Vulnerability type Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 go_infoispclasses_root parameter in a server.inc.php and the 2 go_info serverclasses_root parameter in b app.inc.php c login.php and d trylogin.php. Read full details

Armorize Technologies Inc.