ClassSystem 2.02.3 - classApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues inclu...
Campus Bulletin Board 3.4 - post3book.asp?review Cross-Site Scripting
source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to...
AbleDating 2.4 - search_results.php?keyword SQL Injection
source: https://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and a...
Site Tanitimlari Scripti - Multiple SQL Injections
source: https://www.securityfocus.com/bid/29299/info Site Tanitimlari Scripti is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the...
Web Slider 0.6 - 'slide' SQL Injection
source: https://www.securityfocus.com/bid/29296/info Web Slider is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
PHP-Nuke 'KuiraniKerim' Module - 'sid' SQL Injection
source: https://www.securityfocus.com/bid/29261/info The 'KuiraniKerim' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
ACGV News 0.9.1 - glossaire.php?id Cross-Site Scripting
source: https://www.securityfocus.com/bid/29253/info ACGV News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...
ACGV News 0.9.1 - 'glossaire.php?id' SQL Injection
source: https://www.securityfocus.com/bid/29253/info ACGV News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...
SunShop Shopping Cart 3.5.1 - index.php SQL Injection
source: https://www.securityfocus.com/bid/29241/info SunShop Shopping Cart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...
philboard 0.5 - 'W1L3D4_konuoku.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/29229/info Philboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
IBD Micro CMS 3.5 - microcms-admin-login.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/29159/info IBD Micro CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...
RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
iGaming CMS 1.5 - 'poll_vote.php' SQL Injection
source: https://www.securityfocus.com/bid/29059/info iGaming CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
BatmanPorTaL - profil.asp?id SQL Injection
source: https://www.securityfocus.com/bid/29057/info BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker ...
iGaming CMS 1.5 - poll_vote.php SQL Injection
source: https://www.securityfocus.com/bid/29059/info iGaming CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Zen Cart 2008 - 'index.php?keyword' SQL Injection
source: https://www.securityfocus.com/bid/29020/info Zen Cart is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
Alumni 1.0.8/1.0.9 - 'info.php?id' SQL Injection
source: https://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
Alumni 1.0.8/1.0.9 - 'index.php?year' Cross-Site Scripting
source: https://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
PHCDownload 1.1 - '/upload/install/index.php?step' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28922/info PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...
PHCDownload 1.1 - '/admin/index.php?hash' SQL Injection
source: https://www.securityfocus.com/bid/28922/info PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...