98 matches found
Sqlmap Automated SQL Injection tool
Sqlmap is an automated SQL Injection tool. Remote attackers can use Sqlmap to fetch data from the database and execute SQL statements...
Limny - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/54753/info Limny is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify...
[PT-2011-19] SQL injection vulnerability in Help Request System
---------------------------------------------------------------------- PT-2011-19 Positive Technologies Security Advisory SQL injection vulnerability in Help Request System ---------------------------------------------------------------------- --- Vulnerable software Help Request System Version...
PT-2011-14: SQL injection vulnerability in BoonEx Dolphin
Positive Research Center has discovered an SQL injection vulnerability in Dolphin 6.1. Application incorrectly validates input data. That allows attackers to conduct SQL injection attack. "SQL Injection" is a way to bypass network protection and attack the database. Settings transferred to the...
ExtCalendar 'cat_id' parameter SQL Injection
The version of the ExtCalendar installed on the remote host is affected by a SQL injection vulnerability. The application fails to properly sanitize user-supplied input to the 'catid' parameter of the 'calendar.php' script before using it in a database query. Regardless of PHP's 'magicquotesgpc'...
Symphony sym_auth Cookie SQL Injection
The version of Symphony installed on the remote host fails to sanitize user-supplied input to the 'symauth' cookie before using it in the 'login' function in 'lib/class.admin.php' in a database query. An unauthenticated attacker may be able to exploit this issue to manipulate database queries to...
TrailScout Module For Drupal Session Cookie SQL Injection
The remote host is running TrailScout, a third-party module for Drupal that displays a breadcrumb-like trail showing pages a user recently visited on a site. The version of the TrailScout module installed on the remote host fails to sanitize user-supplied input to the session cookie before using ...
CVE-2007-6013
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash...
Kayako Live Response 2.0 - index.php?Username Cross-Site Scripting
Kayako Live Response 2.0 - index.php?Username Cross-Site Scripting source: https://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation errors. The...
DUforum Multiple Scripts SQL Injection
The remote host is running DUforum, a web-based message board written in ASP from DUware. The installed version of DUforum fails to properly sanitize user- supplied input in several instances before using it in SQL queries. By exploiting these flaws, an attacker can affect database queries,...
PAFileDB 1.1.32.1.13.03.1 - Multiple Input Validation Vulnerabilities
PAFileDB 1.1.32.1.13.03.1 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/13967/info paFileDB is prone to multiple input validation vulnerabilities. The following issues are reported: Multiple SQL injection issues exist in paFileDB. The impact of these issues...
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' Cross-Site Scripting
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitation of these issues may allow for compromise of the software, sessio...
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' SQL Injection
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitation of these issues may allow for compromise of the software, sessio...
PAFileDB 1.1.32.1.13.03.1 - viewall.php?start Cross-Site Scripting
PAFileDB 1.1.32.1.13.03.1 - viewall.php?start Cross-Site Scripting source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitati...
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' SQL Injection
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitation of these issues may allow for compromise of the software, sessio...
vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection
source: https://www.securityfocus.com/bid/8613/info It has been reported that vbPortal is prone to SQL injection attacks when authentication users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name of the authenticating user. As a result, an attacker...
Geeklog 1.3.x - (Authenticated) SQL Injection
source: https://www.securityfocus.com/bid/7742/info Geeklog is reported to be prone to SQL injection attacks during authentication. This is due to insufficient sanitization of cookie values, which could permit an attacker to inject SQL code. This issue could be exploited to compromise Geeklog or ...
IISProtect 2.1/2.2 - Web Administration Interface SQL Injection
source: https://www.securityfocus.com/bid/7675/info The IISProtect web administration interface does not properly sanitize user input. This could allow for SQL injection attacks on a Microsoft IIS server running IISProtect. Successful exploitation could result in a compromise of the IISProtect...