SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.
SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field.
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.