BlueSoft Rate My Photo Site - 'ty' SQL Injection

source: https://www.securityfocus.com/bid/49092/info BlueSoft Rate My Photo Site is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...

Joomla! Component com_voj - SQL Injection

Joomla! Component comvoj - SQL Injection source: https://www.securityfocus.com/bid/48621/info The 'comvoj' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...

MyBloggie 2.1.6 - HTML Injection / SQL Injection

source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to a SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...

MyBloggie 2.1.6 - HTML Injection SQL Injection

MyBloggie 2.1.6 - HTML Injection SQL Injection source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to a SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

CVE-2011-1861

Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors...

CVE-2011-1861

Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors...

Code injection

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2011-1535

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2011-1535

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2011-1532

Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to obtain sensitive information or modify data via vectors related to the Embedded Web...

PHP-Fusion - 'article_id' SQL Injection

source: https://www.securityfocus.com/bid/47128/info PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

Rae Media Real Estate Single Agent SQL Injection

Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...

ReOS Local File Include and SQL Injection Vulnerabilities

ReOS is prone to a local file-include vulnerability and multiple SQL- injection vulnerabilities because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to view and execute arbitrary local files...

CVE-2011-0489

The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to 1 the Lock Server or 2 the Advanced Multithreaded Server...

Default credentials

Contents-Mall before 15 does not properly handle passwords, which allows remote attackers to discover the administrative password, and consequently obtain sensitive information or modify data, via unspecified vectors...

CVE-2010-3925

Contents-Mall before 15 does not properly handle passwords, which allows remote attackers to discover the administrative password, and consequently obtain sensitive information or modify data, via unspecified vectors...

TinyBB 'Profile' SQL Injection Vulnerability

TinyBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...

CVE-2010-4498

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...

CVE-2010-4498

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...

PHPRS - 'model-kits.php' SQL Injection

source: https://www.securityfocus.com/bid/45467/info phpRS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modif...