Dale Mooney Calendar Events - Viewevent.php SQL Injection
source: https://www.securityfocus.com/bid/25456/info Calendar Events is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...
CVE-2007-4427
Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection...
CVE-2007-4427
InterSystems Cache CSP login-page redirection logic (Cache’ 2007.1.0.369.0 and 2007.1.1.420.0) contains an unspecified vulnerability in parameter value encoding that lets remote authenticated users modify server data. Root cause: encoding of certain parameters in the redirection logic. Impact: da...
CVE-2007-4193
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental System (DRS) 5.1 before 20070801 allow remote attackers to perform certain actions as arbitrary users, as demonstrated by (1) modifying data or (2) canceling a subscription. NOTE: it is not clear whether IDE...
Next Gen Portfolio Manager - default.asp Multiple SQL Injections
source: https://www.securityfocus.com/bid/25195/info Next Gen Portfolio Manager is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Lanius CMS 1.2.14 FAQ Module - mid SQL Injection
source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' SQL Injection
source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
Hunkaray Okul Portali 1.1 - Duyuruoku.asp SQL Injection
source: https://www.securityfocus.com/bid/25185/info Hunkaray Okul Portali is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
Metyus Forum Portal 1.0 - 'Philboard_Forum.asp' SQL Injection
source: https://www.securityfocus.com/bid/25096/info Metyus Forum Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/25094/info Bandersnatch is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include multiple SQL-injections...
Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and...
Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an...
Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/25004/info Dora Emlak Script is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker ...
husrevforum 1.0.1/2.0.1 - Philboard_forum.asp SQL Injection
source: https://www.securityfocus.com/bid/24928/info The 'husrevforum' program is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
husrevforum 1.0.1/2.0.1 - 'Philboard_forum.asp' SQL Injection
source: https://www.securityfocus.com/bid/24928/info The 'husrevforum' program is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access o...
Code injection
The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that authenticated accounts are active, which allows remote authenticated users with inactive accounts to access and modify data, as demonstrated by the Thunderbird plugin...
Calendarix 0.7.20070307 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/24633/info Calendarix is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
PHPAccounts 0.5 - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/24574/info PHP Accounts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. The attacker may...
Comersus Cart 7.0.7 - comersus_optReviewReadExec.asp?id SQL Injection
source: https://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or...