1161 matches found
Joomla! Component com_xball - 'team_id' SQL Injection
source: https://www.securityfocus.com/bid/51618/info
The 'com_xball' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Tribiq CMS - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/51614/info
Tribiq CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
PostNuke pnAddressbook Module - 'id' SQL Injection
source: https://www.securityfocus.com/bid/51566/info
The pnAddressbook module for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Vastal EzineShop - 'view_mags.php' SQL Injection
source: https://www.securityfocus.com/bid/51571/info
Vastal EzineShops is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Vastal EzineShop - view_mags.php SQL Injection
source: https://www.securityfocus.com/bid/51571/info
Vastal EzineShops is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
Freelance Zone - 'show_code.php' SQL Injection
source: https://www.securityfocus.com/bid/51533/info
Freelance Zone is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modif...
Clipbucket 2.6 - 'search_result.php?query' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51321/info
ClipBucket is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal...
CVE-2011-4169
Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2011-4169
HP Managed Printing Administration before 2.6.4 is affected by CVE-2011-4169. The vulnerability arises in the img_id parameter handling within multiple HP MPA scripts (imglist/imgselect, imgmap/bgselect, imgmap/imgselect) where input can be manipulated to perform SQL injection and directory trav...
Cyberoam UTM 10 - tableid SQL Injection
source: https://www.securityfocus.com/bid/51143/info
Cyberoam UTM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Video Community Portal - 'userID' SQL Injection
source: https://www.securityfocus.com/bid/51108/info
Video Community Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...
webERP 4.3.8 - '/reportwriter/ReportMaker.php?reportid' SQL Injection
source: https://www.securityfocus.com/bid/50713/info
webERP is prone to information-disclosure, SQL-injection, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may exploit the information-disclosure issue to gain access to sensiti...
webERP 4.3.8 - /reportwriter/ReportMaker.php?reportid SQL Injection
source: https://www.securityfocus.com/bid/50713/info
webERP is prone to information-disclosure, SQL-injection, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may...
PBCS Technology - articlenav.php SQL Injection
source: https://www.securityfocus.com/bid/50577/info
PBCS Technology is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...
Admin Bot - 'news.php' SQL Injection
source: https://www.securityfocus.com/bid/50562/info
Admin Bot is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
CVE-2011-2676
The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors...
Joomla! Component com_br - 'state_id' SQL Injection
source: https://www.securityfocus.com/bid/50042/info
The 'com_br' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Joomla! Component com_expedition - 'id' SQL Injection
source: https://www.securityfocus.com/bid/50019/info
The 'com_expedition' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Joomla! Component com_expedition - id SQL Injection
source: https://www.securityfocus.com/bid/50019/info
The 'com_expedition' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting thi...
Zyncro 3.0.1.20 - Social Network Message Menu SQL Injection
source: https://www.securityfocus.com/bid/49741/info
Zyncro social network is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...