Friendly Technologies TR-069 ACS 2.8.9 - Login SQL Injection
source: https://www.securityfocus.com/bid/38634/info Friendly Technologies TR-069 ACS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the applicatio...
TikiWiki < 4.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/38608/info TikiWiki is prone to multiple vulnerabilities, including: - An SQL-injection vulnerability - An unspecified authentication-bypass vulnerability - An unspecified vulnerability Exploiting these issues could allow an attacker to compromise the...
Natychmiast CMS - Multiple Cross-Site Scripting SQL Injections
source: https://www.securityfocus.com/bid/38561/info Natychmiast CMS is prone to multiple cross-site scripting and SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication...
Joomla! Component HD FLV Player - 'id' SQL Injection
source: https://www.securityfocus.com/bid/38401/info The HD FLV Player component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
XlentProjects SphereCMS 1.1 - 'archive.php' SQL Injection
source: https://www.securityfocus.com/bid/38309/info SphereCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
CommodityRentals CD Rental Software - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/38184/info CommodityRentals CD Rental Software is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
eZoneScripts Apartment Search Script 'listtest.php' SQL Injection Vulnerability
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/39905/info eZoneScripts Apartment Search Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize...
vBulletin Adsense Component - 'viewpage.php' SQL Injection
source: https://www.securityfocus.com/bid/38167/info The vBulletin Adsense component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application...
ASCET Interactive Huski Retail - Multiple SQL Injections
source: https://www.securityfocus.com/bid/38129/info Huski Retail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...
OpenX SQL Injection Vulnerability
OpenX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...
PHPMySpace Gold 8.0 - gid SQL Injection
source: https://www.securityfocus.com/bid/37881/info PHPMySpace Gold is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Blaze Apps 1.x - SQL Injection / HTML Injection
source: https://www.securityfocus.com/bid/40212/info Blaze Apps is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may exploit the HTML-injection issue to execute arbitrary script code i...
PonVFTP - login.php SQL Injection
source: https://www.securityfocus.com/bid/40608/info PonVFTP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Zenoss 2.3.3 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/37802/info Zenoss is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
CVE-2009-4493
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...
Layout CMS 1.0 SQL-Injection and Cross-Site Scripting Vulnerabilities
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/40415/info Layout CMS is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...
Joomla! Component Jobads - 'type' SQL Injection
source: https://www.securityfocus.com/bid/37686/info The Jobads component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the applicatio...
CVE-2010-0225
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Design/Logic Flaw
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...