1167 matches found
Dizi Portali - diziler.asp SQL Injection
Dizi Portali - diziler.asp SQL Injection source: https://www.securityfocus.com/bid/31849/info Dizi Portali is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Code injection
lighttpd before 1.4.20 compares URIs to patterns in the 1 url.redirect and 2 url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...
CVE-2008-4359
lighttpd before 1.4.20 compares URIs to patterns in the 1 url.redirect and 2 url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...
InterTech WCMS - 'etemplate.php' SQL Injection
source: https://www.securityfocus.com/bid/31350/info InterTech Web Content Management System WCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
6rbScript - cat.php SQL Injection
6rbScript - cat.php SQL Injection source: https://www.securityfocus.com/bid/31329/info 6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
6rbScript - 'cat.php' SQL Injection
source: https://www.securityfocus.com/bid/31329/info 6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
Hot Links SQL-PHP - news.php SQL Injection
Hot Links SQL-PHP - news.php SQL Injection source: https://www.securityfocus.com/bid/31118/info Hot Links SQL-PHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...
XRms 1.99.2 - 'login.php?target' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31008/info XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to...
eliteCMS 1.0 - page SQL Injection
eliteCMS 1.0 - page SQL Injection source: https://www.securityfocus.com/bid/30990/info eliteCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit...
eliteCMS 1.0 - 'page' SQL Injection
source: https://www.securityfocus.com/bid/30990/info eliteCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Simasy CMS - id SQL Injection
Simasy CMS - id SQL Injection source: https://www.securityfocus.com/bid/30774/info Simasy CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
PHP Realty - dpage.php SQL Injection
PHP Realty - dpage.php SQL Injection source: https://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
POWERGAP ShopSystem - s03.php SQL Injection
POWERGAP ShopSystem - s03.php SQL Injection source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
Pre Survey Generator - default.asp SQL Injection
Pre Survey Generator - default.asp SQL Injection source: https://www.securityfocus.com/bid/30349/info Pre Survey Generator is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the...
EasyDynamicPages 3.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities
EasyDynamicPages 3.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30305/info EasyDynamicPages is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to...
PHPKF - 'forum_duzen.php' SQL Injection
source: https://www.securityfocus.com/bid/30318/info phpKF is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, o...
Pubs Black Cat [The Fun] - browse.groups.php SQL Injection
Pubs Black Cat The Fun - browse.groups.php SQL Injection source: https://www.securityfocus.com/bid/30221/info Pubs Black Cat The Fun is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
The Rat CMS - 'viewarticle.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...
phpAuction - profile.php SQL Injection (2)
phpAuction - profile.php SQL Injection 2 source: https://www.securityfocus.com/bid/29856/info PHPAuction is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
KEIL Software PhotoKorn 1.542 - index.php SQL Injection
KEIL Software PhotoKorn 1.542 - index.php SQL Injection source: https://www.securityfocus.com/bid/29808/info KEIL Software's photokorn is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise...