3915 matches found
PowerPortal 1.3 - SQL Injection
source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is reported prone to this vulnerabilit...
PowerPortal 1.3 - SQL Injection
PowerPortal 1.3 - SQL Injection source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is...
Phorum 5.0.x - 'FOLLOW.php' SQL Injection
source: https://www.securityfocus.com/bid/11660/info Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input. This issue allows remote attackers to manipulate query logic, leading to...
PT-2004-2553 · Unknown · Password Protect
Name of the Vulnerable Software and Affected Versions: Password Protect affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL statements and bypass authentication. This can be achieved through various parameters and files, including 1 admin or Pas...
Comersus Cart 5.0 - SQL Injection
Comersus Cart 5.0 - SQL Injection source: https://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...
Jaws 0.20.30.4 - ControlPanel.php SQL Injection
Jaws 0.20.30.4 - ControlPanel.php SQL Injection source: https://www.securityfocus.com/bid/10826/info JAWS is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the controlpanel.php script due to a failure of the application to properly sanitize user-supplied URI...
CVE-2004-0543
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries...
cPanel 5-9 - Passwd SQL Injection
source: https://www.securityfocus.com/bid/10505/info cPanel is reportedly affected by a remote SQL injection vulnerability in the passwd script. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL query. The problem...
PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection
source: https://www.securityfocus.com/bid/9948/info Reportedly the MS-Analysis module is prone to a remote SQL injection vulnerability. This issue is due to a failure to properly sanitize user supplied HTTP header input before using it in an SQL query. As a result of this, a malicious user may...
PHPGedView 2.5/2.6 - 'Placelist.php' SQL Injection
source: https://www.securityfocus.com/bid/11910/info It is reported that PhpGedView is susceptible to a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to including it in an SQL query. This issue allows remote...
CVE-2003-0735
SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter...
CVE-2001-1089
libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request...
Snitz Forums 2000 remote SQL query manipulation vulnerability
vulnerable ---------- Product : Snitz Forums 2000 Version : 3.3 3.3.01 3.3.02 3.3.03 last stable version Object : members.asp Class : Input validation error remote SQL query manipulation vulnerability Vendor-URL : http://forum.snitz.com/ Vendor-Status : informed, not patched Remote-Exploit : yes...
CVE-2001-1025
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable e.g., by including mainfile.php, such as article.php...
CVE-2000-1233
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter...