WP-Forum Plugin for WordPress 'forum_feed.php' 'thread' Parameter SQL Injection
The remote host is running WP-Forum, a third-party discussion forum plugin for WordPress. The version of WP-Forum installed on the remote host fails to sanitize input to the 'thread' parameter of the 'forum_feed.php' script before using it in a database query. Regardless of PHP's 'magic_quotes_gpc'...
Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass
The remote host is running Oempro, a commercial list management and email marketing application written in PHP. The installed version of Oempro fails to sanitize user-supplied input to the 'FormValue_Email' parameter of the 'index.php' script before using it in a database query. An unauthenticated...
PhpWebGallery comments.php sort_by Parameter SQL Injection
The remote host is running PhpWebGallery, an open source photo gallery application written in PHP. The installed version of PhpWebGallery fails to sanitize user-supplied input to the 'sort_by' parameter of the 'comments.php' script before using it in a database query. Regardless of PHP's...
Zen Cart products_id[] Array SQL Injection
The installed version of Zen Cart does not validate user-supplied input to the 'products_id' parameter array of the 'index.php' script when 'action' is set to 'multiple_products_add_product' before using the keys in a database query in the 'in_cart_mixed' function in 'includes/classes/shopping_cart.php'...
phpBazar 2.0.2 (adid) Remote SQL Injection Vulnerability
No description provided by source. phpBazar SQL Injection Vulnerability all versions by: e.wiZz! info: Bosnian Idiot FTW! In the wild.... Script site : http://www.smartisoft.com/ Vulnerability: http://inthewild.com/INSTALL PATH/classified.php?catid=x&subcatid=x&adid=x SQL INJECTION PoC on demo...
phpBazar 2.0.2 (adid) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================== phpBazar 2.0.2 adid Remote SQL Injection Vulnerability ======================================================== phpBazar SQL Injection Vulnerability all versions by: e.wiZz! info:...
RTH login.php uname Parameter SQL Injection
The remote host is running RTH, a web-based software testing framework written in PHP. The version of RTH installed on the remote host fails to sanitize input to the 'uname' array parameter of the 'login.php' script before using it in a database query. Provided PHP's 'magic_quotes_gpc' setting is...
Plogger plog-download.php checked[] Parameter SQL Injection
The remote host appears to be running Plogger, an open source photo gallery written in PHP. The version of Plogger installed on the remote host fails to sanitize input to the 'checked' array parameter of the 'plog-download.php' script when 'dltype' is set to 'album' before using it in a database...
Symphony sym_auth Cookie SQL Injection
The version of Symphony installed on the remote host fails to sanitize user-supplied input to the 'sym_auth' cookie before using it in the 'login' function in 'lib/class.admin.php' in a database query. An unauthenticated attacker may be able to exploit this issue to manipulate database queries to...
joomladbquery-rfi.txt
Ektron CMS400.NET WorkArea/ContentRatingGraph.aspx res Parameter SQL Injection
The remote host is running CMS400.NET, a .NET content management solution. The version of CMS400.NET installed on the remote host fails to sanitize user-supplied input to the 'res' parameter of the 'WorkArea/ContentRatingGraph.aspx' script before using it in a database query. An unauthenticated...
LifeType for Drupal (pLog) index.php albumId Parameter SQL Injection
The remote host is running pLog or Lifetype, an open source blogging platform written in PHP. The remote version of this software fails to sanitize user-supplied input to the 'albumId' parameter of the 'index.php' script before using it in a database query in the 'getAlbum' method in...
JP1/NETM/DM Manager SQL Injection Vulnerability
Overview JP1/NETM/DM Manager for Windows is vulnerable to SQL injection where a relational database is used as the JP1/NETM/DM database. This could allow attackers to execute arbitrary SQL commands and/or corrupt the database when it receives a malformed request. Impact An attacker could execute...
Coppermine Photo Gallery bridge/coppermine.inc.php Bridge Wizard Session Cookie SQL Injection
The version of Coppermine installed on the remote host fails to sanitize user-supplied input to the bridge wizard session cookie before using it in a database query in 'bridge/coppermine.inc.php'. Regardless of PHP's 'magic_quotes_gpc' setting, an attacker may be able to exploit this issue to...
Site Sift Listings detail.php id Parameter SQL Injection
The remote host is running Site Sift, a PHP script for maintaining a web directory. The version of Site Sift installed on the remote host fails to sanitize user-supplied input to the 'id' parameter before using it in the 'detail.php' script to construct a database query. Regardless of PHP'...
osCommerce Customer Testimonials customer_testimonials.php testimonial_id Parameter SQL Injection
The remote host is running Customer Testimonials, a third-party addon for the open source e-commerce system osCommerce. The version of Customer Testimonials installed on the remote host fails to sanitize user input to the 'testimonial_id' parameter of the 'customer_testimonials.php' script before...
PortalApp forums.asp sortby Parameter SQL Injection
The remote host is running PortalApp, a CMS and portal system written in ASP. The version of PortalApp installed on the remote host fails to sanitize input to the 'sortby' parameter of the 'forums.asp' script before using it in a database query. An unauthenticated attacker may be able to exploit...
RunCMS Multiple Script lid Parameter SQL Injection
The version of this software installed on the remote host fails to sanitize user-supplied input to the 'lid' parameter of the 'modules/mydownloads/visit.php' script before using it in a database query. Regardless of PHP's 'magic_quotes_gpc' and 'register_globals' settings, an attacker may be able to...
Site@School slideshow_full.php album_name Parameter SQL Injection
The remote host is running Site@School, an open source, PHP-based content management system intended for primary schools. The version of this software installed on the remote host fails to sanitize user-supplied input to the 'album_name' parameter of the 'starnet/addons/slideshow_full.php' script...
CMS Made Simple modules/TinyMCE/content_css.php templateid Parameter SQL Injection
The remote host appears to be running CMS Made Simple, a content management system written in PHP. The version of CMS Made Simple installed on the remote host fails to sanitize user-supplied input to the 'templateid' parameter of the 'modules/TinyMCE/content_css.php' script before using it in a...