1417 matches found
Abarcar Realty Portal 5.1.5 - 'content.php' SQL Injection
source: https://www.securityfocus.com/bid/18218/info Abarcar Realty Portal is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
MyBB 1.1.1 - 'showthread.php' SQL Injection
source: https://www.securityfocus.com/bid/17904/info MyBB is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the...
EDirectoryPro - 'Search_result.asp' SQL Injection
source: https://www.securityfocus.com/bid/17912/info EDirectoryPro is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Barracuda vuln.
Barracuda vuln. Vuln. discovered by : r0t Date: 30 april 2006 vendor:www.boonex.com/products/barracuda/ affected versions:1.1 and prior orginal advisory:http://pridels.blogspot.com/2006/04/barracuda-vuln.html Vuln. Description: Barracuda Directory contains a flaw that allows a remote sql injectio...
Blog 0.2.30.2.4 Mod - Weblog_posting.php SQL Injection
Blog 0.2.30.2.4 Mod - Weblogposting.php SQL Injection source: https://www.securityfocus.com/bid/17744/info Blog Mod is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...
DUclassified - detail.asp SQL Injection
DUclassified - detail.asp SQL Injection source: https://www.securityfocus.com/bid/17722/info DUclassified is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
DUclassified - 'detail.asp' SQL Injection
source: https://www.securityfocus.com/bid/17722/info DUclassified is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
CVE-2006-2081
CVE-2006-2081 affects Oracle Database Server 10g Release 2, where local users can trigger arbitrary SQL via the GET_DOMAIN_INDEX_METADATA function in DBMS_EXPORT_EXTENSION. The primary issue is insecure privileges that allow SQL to be introduced outside of a character-based injection, not a tradi...
IPB <= 2.1.5 SQL inj. vuln.
IPB = 2.1.5 SQL inj. vuln. Vuln. discovered by : r0t Date: 19 april 2006 vendorlink:http://www.invisionboard.com/ affected versions:2.1.5 and previous orginal advisory: http://pridels.blogspot.com/2006/04/ipb-215-sql-inj-vuln.html Vuln. Description: IPB contains a flaw that allows a remote sql...
ThWboard 2.8 - 'showtopic.php' SQL Injection
source: https://www.securityfocus.com/bid/17606/info ThWboard is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Plexum X5 SQL vuln.
Plexum X5 SQL vuln. Vuln. discovered by : r0t Date: 19 april 2006 vendorlink:http://www.plexum.com/network/ affected versions:X5 and previous orginal advisory:http://pridels.blogspot.com/2006/04/plexum-x5-sql-vuln.html Vuln. Description: Plexum contains a flaw that allows a remote sql injection...
DEBIAN-CVE-2006-1804
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sqlquery parameter...
DEBIAN-CVE-2006-1803
Cross-site scripting XSS vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sqlquery parameter...
[eVuln] qliteNews SQL Injection Vulnerability
New eVuln Advisory: qliteNews SQL Injection Vulnerability http://evuln.com/vulns/114/summary.html --------------------Summary---------------- eVuln ID: EV0114 CVE: CVE-2006-1571 Vendor: r2xDesign.net Vendor's Web Site: http://www.r2xdesign.net/ Software: qliteNews Versions: 2005.07.01 Critical...
SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/17476/info Confixx is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
SoftBiz Image Gallery - insert_rating.php?img_id SQL Injection
SoftBiz Image Gallery - insertrating.php?imgid SQL Injection source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it...
SoftBiz Image Gallery - images.php?cid SQL Injection
SoftBiz Image Gallery - images.php?cid SQL Injection source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an S...
O2PHP Oxygen 1.01.1 - post.php SQL Injection
O2PHP Oxygen 1.01.1 - post.php SQL Injection source: https://www.securityfocus.com/bid/17324/info Oxygen is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
SaPHPLesson 2.0 - print.php SQL Injection
SaPHPLesson 2.0 - print.php SQL Injection source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
Pixel Motion - index.php?date SQL Injection
Pixel Motion - index.php?date SQL Injection source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...