1161 matches found
CMSCart 1.04 'maindatafunctions.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34017/info CMSCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Logaholic profiles.php newconfname Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue. The issues occur because the application fail...
NewsHOWLER 1.03 Cookie Data SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30732/info NewsHOWLER is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
DeltaScripts PHP Classifieds 6.20 Member_Login.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16642/info PHP Classifieds is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
Joomla! and Mambo 'com_guide' Component - 'category' Parameter - SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28271/info The 'guide' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
Iatek PortalApp 4.0 - 'links.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28315/info PortalApp is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
e107 0.7.x 'e107_admin/banner.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39609/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Calendar Express 2.2 Month.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18314/info Calendar Express is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit coul...
ZeusCart - 'prodid' SQL Injection
source: https://www.securityfocus.com/bid/68182/info ZeusCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...
webEdition CMS - 'we_fs.php' SQL Injection
source: https://www.securityfocus.com/bid/67689/info webEdition CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit laten...
XOOPS Glossaire Module - '/modules/glossaire/glossaire-aff.php' SQL Injection
source: https://www.securityfocus.com/bid/67460/info Glossaire module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can leverage this issue to compromise the application, access or...
CIS Manager - 'email' SQL Injection
source: https://www.securityfocus.com/bid/67442/info CIS Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modify dat...
CIS Manager - email SQL Injection
CIS Manager - email SQL Injection source: https://www.securityfocus.com/bid/67442/info CIS Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the...
CVE-2013-5459
Unspecified vulnerability in IBM Rational Software Architect RSA Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking...
Joomla! Component Inneradmission - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/66708/info Inneradmission component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Puntopy - 'novedad.php' SQL Injection
source: https://www.securityfocus.com/bid/67241/info Puntopy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or...
CVE-2013-6206
Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2013-6205
Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
Code injection
Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2013-6206
HP Rapid Deployment Pack (RDP) and HP Insight Control Server Deployment are affected by CVE-2013-6206. The vulnerability enables remote attackers to obtain sensitive information, modify data, or trigger a denial of service via unknown vectors. CVSS v2 base score is 9.0 (HIGH) with Network attack ...