Alguest 1.1 - 'start' SQL Injection
source: https://www.securityfocus.com/bid/45214/info
Alguest is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...
Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check
Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities:
- A command-injection vulnerability
- Multiple SQL injection (SQLi) vulnerabilities
- A remote file include (RFI) vulnerability
- An arbitrary PHP code execution vulnerability
-...
BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/45121/info
BugTracker.NET is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these...
Simea CMS - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/44878/info
Simea CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
Dolphin SQL Injection and Information Disclosure Vulnerabilities
Dolphin is prone to an SQL-injection vulnerability and an information-disclosure vulnerability. Exploiting these issues could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Dolphi...
Joomla! Component AutoArticles 3000 - SQL Injection
source: https://www.securityfocus.com/bid/44694/info
The AutoArticles 3000 component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...
CVE-2010-4105
Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors...
Online Work Order Suite - Login SQL Injection
source: https://www.securityfocus.com/bid/44608/info
Online Work Order Suite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
CVE-2010-4029
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2010-3993
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to obtain sensitive information or modify data via unknown vectors...
Authentication flaw
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
Code injection
Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors...
CVE-2010-4029
HP Storage Essentials prior to 6.3.0 contains an LDAP authentication vulnerability (CVE-2010-4029) that can enable remote attackers to obtain sensitive information, modify data, or cause a denial of service. The issue is triggered when LDAP authentication is enabled and affects HP Storage Essenti...
CVE-2010-4028
Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors...
MySITE - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/43510/info
MySITE is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authenticati...
Group-Office 'modules/notes/json.php' SQL Injection Vulnerability
Group-Office is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent...
Code injection
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors...
Allinta CMS 22.07.2010 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/42320/info
Allinta CMS is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize...
CVE-2010-2707
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors...