10441 matches found
PHP-Nuke Book Catalog Module 1.0 'catid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30511/info The Book Catalog module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
Lootan 'login.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33439/info Lootan is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Tyger Bug Tracking System 1.1.3 Register.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize...
Zoph 0.7.2.1 Unspecified SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
WSN Knowledge Base 1.2 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15656/info WSN Knowledge Base is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
OtomiGenX 2.2 - 'userAccount' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29470/info OtomiGenX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Link Exchange Lite 1.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21225/info Link Exchange Lite is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacke...
n8cms 1.1/1.2 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16858/info The 'n8cms' script is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an...
AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/35816/info AlmondSoft Almond Classifieds is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
NPDS 5.10 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18383/info NPDS is prone to multiple input-validation issues, including information-disclosure and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...
LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13998/info StoreFront Shopping Cart is affected by an SQL injection vulnerability. The vulnerability affects the 'login.asp' script. Successful exploitation could result in a compromise of the application, disclosure or...
Comparison Engine Power 1.0 'product.comparision.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34232/info Comparison Engine Power is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Zen Time Tracking 2.2 Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38153/info Zen Time Tracking is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker...
Entergal MX 2.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15631/info Entergal MX is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Active Bids search.asp search Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allow...
CubeCart 3.0.x admin/print_order.php order_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...
Land Down Under 800/801 forums.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14618/info Land Down Under is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation may allow the...
DMXReady Site Engine Manager 1.0 Index.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21064/info DMXReady Site Engine Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...
CubeCart 2.0.x view_product.php product Variable Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues...
PromoProducts 'view_product.php' Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30725/info PromoProducts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...