Clever Copy 3.0 - 'postview.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28437/info Clever Copy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

Image Racer SearchResults.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25010/info Image Racer is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

VUNET Mass Mailer 'default.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26522/info Mass Mailer is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

NPDS 4.8/5.0 comments.php thold Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13649/info NPDS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter. Successful exploitation could result in a...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

MyBB 1.0.3 Moderation.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16538/info MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploitation can allow an attacker to bypass authentication and gain...

Xt-News 0.1 add_comment.php id_news Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

Rapid Classified 3.1 search.asp SH1 Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

OpenDocMan 1.2.5 view_file.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

CubeCart 3.0.x /admin/print_order.php order_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...

DeluxeBB 1.0 pm.php uid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...

Qualiteam X-Cart 4.0.8 error_message.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...

Nuked-Klan 1.x Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17233/info Nuked-Klan is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allo...

ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

Qualiteam X-Cart 4.0.8 help.php section Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...

CubeCart 2.0.x tellafriend.php product Variable Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues...

Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29261/info The 'KuiraniKerim' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow ...

Seditio 1.10 Users.Profile.Inc.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21232/info Seditio is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

dotnetindex Professional Download Assistant 0.1 SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32706/info Professional Download Assistant is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...