Dokeos 1.8.4 - '/main/admin/session_list.php?cmessage' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...
Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/27779/info Site2Nite Real Estate Web is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the...
okul siteleri 'com_mezun' Component - SQL Injection
source: https://www.securityfocus.com/bid/27755/info 'okul siteleri' is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...
Cacti 0.8.7 - 'graph_view.php?filter' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...
Counter Strike Portals - 'download' SQL Injection
source: https://www.securityfocus.com/bid/27747/info Counter Strike Portals is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...
Rapid-Source Rapid-Recipe Component - Multiple SQL Injections
source: https://www.securityfocus.com/bid/27724/info Rapid-Recipe is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...
Codice CMS - login.php SQL Injection
source: https://www.securityfocus.com/bid/27592/info Codice CMS is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify...
Simple OS CMS 0.1c_beta - login.php SQL Injection
source: https://www.securityfocus.com/bid/27589/info Simple OS CMS is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, acce...
Joomla! Mambo Component com_buslicense - aid SQL Injection
source: https://www.securityfocus.com/bid/27508/info The 'com_buslicense' component for Mambo/Joomla is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
ASPired2Protect Login Page - SQL Injection
source: https://www.securityfocus.com/bid/27474/info ASPired2Protect is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...
E-Smart Cart - Members Login Multiple SQL Injection Vulnerabilities
source: https://www.securityfocus.com/bid/27452/info E-SMART CART is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...
Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilities
source: https://www.securityfocus.com/bid/27450/info Pre Hotel and Resorts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application...
Pre Hotel and Resorts - user_login.asp Multiple SQL Injection Vulnerabilities
source: https://www.securityfocus.com/bid/27450/info Pre Hotel and Resorts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27335/info Clever Copy is prone to multiple input-validation vulnerabilities, including two SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacke...
MyBB 1.2.10 - moderation.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/27323/info MyBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
eggBlog index.php eggblogpassword Parameter Cookie SQL Injection
The remote host is running eggBlog, a free PHP and MySQL blog software package. The version of eggBlog installed on the remote host fails to sanitize input to the 'eggblogpassword' cookie before using it in 'etc/header.php' to construct database queries. Provided PHP's 'magic_quotes_gpc' setting is...
ID-Commerce 2.0 - liste.php SQL Injection
source: https://www.securityfocus.com/bid/27220/info ID-Commerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
eTicket 1.5.5.2 - 'admin.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site scripting issue, and an...
eTicket 1.5.5.2 - search.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection...
IBM Rational ClearQuest Username Parameter SQL Injection Vulnerability
IBM Rational ClearQuest is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in...