CVE-2006-4601 – Annuaire 1Two 2.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en index.php en Annuaire 1Two 2.2 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro id. • https://www.exploit-db.com/exploits/2289 http://acid-root.new.fr/poc/09060902.txt http://secunia.com/advisories/21734 http://securityreason.com/securityalert/1496 http://www.securityfocus.com/archive/1/445010/100/0/threaded http://www.securityfocus.com/bid/19817 http://www.vupen.com/english/advisories/2006/3440 https://exchange.xforce.ibmcloud.com/vulnerabilities/28730 •
CVE-2006-1433
https://notcve.org/view.php?id=CVE-2006-1433
Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive information via a direct request to include/lang-en.php, which reveals the full installation path. • http://osvdb.org/ref/24/24302-annuaire_directory.txt http://secunia.com/advisories/19548 http://www.osvdb.org/24302 https://exchange.xforce.ibmcloud.com/vulnerabilities/25668 •
CVE-2006-1434
https://notcve.org/view.php?id=CVE-2006-1434
Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remote attackers to inject arbitrary web script or HTML via the Comment Field (COMMENTAIRE parameter). • http://osvdb.org/ref/24/24302-annuaire_directory.txt http://secunia.com/advisories/19548 http://www.osvdb.org/24303 http://www.securityfocus.com/bid/17393 https://exchange.xforce.ibmcloud.com/vulnerabilities/25669 •
CVE-2005-1975
https://notcve.org/view.php?id=CVE-2005-1975
Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in commentaires.php. • http://secunia.com/advisories/15708 http://securitytracker.com/id?1014187 http://www.hackisknowledge.org/Advisories/Annuaire%201Two%20v1.0/Annuaire%201Two%20v1.0.html http://www.securityfocus.com/bid/13612 http://www.securityfocus.com/bid/13960 http://www.securityfocus.com/bid/13961 •