9678 matches found
DEBIAN-CVE-2005-3980
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...
Colorful website, hang horse way-vulnerability warning-the black bar safety net
First, the point of this description is not to teach you how to plant a trojan on a website ("hang a horse"), but to help you learn how it is done, how to defend against it, how to find the trojan, how to find keywords, and by what method someone linked it into your website. There are advantages and disadvantages; it just depends on how...
PT-2005-3816 · Noah · Noah's Classifieds
Name of the Vulnerable Software and Affected Versions: Noah's classifieds affected versions not specified Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the rollid parameter in the index.php file...
DEBIAN-CVE-2005-1525
SQL injection vulnerability in configsettings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter...
PT-2005-2863 · Unknown · Livingmailing
Name of the Vulnerable Software and Affected Versions: livingmailing version 1.3 Description: The issue allows remote attackers to execute arbitrary SQL commands via the password in the login.asp file. There is little public information available about the product and its vendor. Recommendations:...
DEBIAN-CVE-2005-1810
SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $catID variable, as demonstrated using the cat parameter to index.php...
DEBIAN-CVE-2005-1687
SQL injection vulnerability in wp-trackback.php in WordPress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tbid parameter...
PT-2005-2616 · Sigma · Sigma ISP Manager
Name of the Vulnerable Software and Affected Versions: Sigma ISP Manager version 6.6 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved by manipulating the username, password, or domain fields. Recommendations: For Sigma ISP Manager version 6.6,...
PT-2005-2234 · Ecommpro · Ecommpro
Name of the Vulnerable Software and Affected Versions: EcommPro version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands via the password field in the login.asp file. This can potentially lead to unauthorized access and data manipulation. Recommendations: For...
CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the application fails to verify user...
CitrusDB 0.3.6 - 'uploadcc.php' Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the application fails to verify user...
CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The...
CitrusDB 0.3.6 - importcc.php Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The...
CVE-2004-2324
SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx...
Silent Storm Portal Multiple Vulnerabilities
No description provided by source. Demonstration: Register a user account then login and run the exploit.html ---exploit.html---- form method="post" action="http://www.victim.com/index.php?module=../../profile" input type="text" name="mail" value="any mail com"br input type="hidden" name="mail"...
security flaw
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abookdatabase.php...
List Site Pro 2.0 - User Database Delimiter Injection
source: https://www.securityfocus.com/bid/6685/info List Site PRO is a top site ranking system that counts hits from member sites and then ranks them according to the number of hits. A problem has been reported for List Site PRO that would allow an attacker to inject arbitrary values via HTML inp...
List Site Pro 2.0 - User Database Delimiter Injection
source: https://www.securityfocus.com/bid/6685/info List Site PRO is a top site ranking system that counts hits from member sites and then ranks them according to the number of hits. A problem has been reported for List Site PRO that would all...