10439 matches found
SolucionXpressPro - main.php SQL Injection
SolucionXpressPro - main.php SQL Injection source: https://www.securityfocus.com/bid/33111/info SolucionXpressPro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...
Madrese-Portal - 'haber.asp' SQL Injection
source: https://www.securityfocus.com/bid/33045/info Madrese-Portal is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Pligg evb/check_url.php url Parameter SQL Injection
The remote host is running Pligg, an open source content management system. The installed version of Pligg fails to sanitize user-supplied input to the 'url' parameter of the 'evb/checkurl.php' script before using it to construct database queries. Provided PHP's 'magicquotesgpc' setting is...
Injader 2.1.1 - SQL Injection / HTML Injection
source: https://www.securityfocus.com/bid/32843/info Injader is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage the HTML-injection issues to execute arbitrary script code in...
Injader 2.1.1 - SQL Injection HTML Injection
Injader 2.1.1 - SQL Injection HTML Injection source: https://www.securityfocus.com/bid/32843/info Injader is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage the HTML-injecti...
ASP-DEV XM Events Diary - cat SQL Injection
ASP-DEV XM Events Diary - cat SQL Injection source: https://www.securityfocus.com/bid/32809/info ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
RevSense 1.0 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/32624/info RevSense is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...
GLSA-200812-04 : lighttpd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200812-04 lighttpd: Multiple vulnerabilities Multiple vulnerabilities have been reported in lighttpd: Qhy reported a memory leak in the httprequestparse function in request.c CVE-2008-4298. Gaetan Bisson reported that URIs are not...
Orkut Clone - 'profile_social.php?id' SQL Injection
source: https://www.securityfocus.com/bid/32600/info Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...
Orkut Clone - profile_social.php?id SQL Injection
Orkut Clone - profilesocial.php?id SQL Injection source: https://www.securityfocus.com/bid/32600/info Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow a...
ASP Forum Script - messages.asp?message_id SQL Injection
ASP Forum Script - messages.asp?messageid SQL Injection source: https://www.securityfocus.com/bid/32571/info ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these...
ASP Forum Script - messages.asp?forum_id Cross-Site Scripting
ASP Forum Script - messages.asp?forumid Cross-Site Scripting source: https://www.securityfocus.com/bid/32571/info ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting...
Octeth Oempro 3.5.5 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/32784/info Octeth Oempro is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access...
Pre Classified Listings 1.0 - detailad.asp SQL Injection
Pre Classified Listings 1.0 - detailad.asp SQL Injection source: https://www.securityfocus.com/bid/32566/info Pre Classified Listings is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability
No description provided by source. Application: WebStudio CMS Vendor Name: BDigital Media Ltd Vendors Url: http://www.bdigital.biz Bug Type: WebStudio CMS pageid Blind SQL Injection Vulnerability Exploitation: Remote Severity: Critical Solution Status: Unpatched Introduction: WebStudio CMS is a...
Easyedit CMS - page.php?intPageID SQL Injection
Easyedit CMS - page.php?intPageID SQL Injection source: https://www.securityfocus.com/bid/32369/info Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
YourFreeWorld Downline Builder Pro - tr.php SQL Injection
YourFreeWorld Downline Builder Pro - tr.php SQL Injection source: https://www.securityfocus.com/bid/32047/info Downline Builder Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection
source: https://www.securityfocus.com/bid/32047/info Downline Builder Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Tandis CMS 2.5 - index.php Multiple SQL Injections
Tandis CMS 2.5 - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/31930/info Tandis CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow ...
bcoos 1.0.13 - click.php SQL Injection
bcoos 1.0.13 - click.php SQL Injection source: https://www.securityfocus.com/bid/31941/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...