Joomla Component (com_virtuemart) order_status_id SQL Injection Vulnerability

No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comvirtuemart SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...

PHPLinks 2.1.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11329/info PHPLinks is reported prone to multiple input validation vulnerabilities. A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PH...

Joomla (Job Component) SQL Injection Vulnerability

No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Job Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...

XMB Forum 1.8 Member.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7406/info XMB Forum Member.PHP has been reported prone to an SQL injection vulnerability, under certain conditions. The SQL injection vulnerability has been reported to affect the registration page of XMB Forum. This is...

Cartweaver 2.16.11 Details.cfm ProdID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits...

vCard PRO 0 search.php event_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/18699/info VCard PRO is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...

NCM Content Management System content.pl Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2584/info The NCM Content Management System is a product distributed by NCM. The NCM Content Management System is designed to manage web material and other data, and provide an interface to databases from web resources. A...

1WebCalendar 4.0 mainCal.cfm SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploi...

PHPNuke 4.x/5.x SQL_Debug Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3906/info PHPNuke is a website creation/maintenance tool. It is can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The sqllayer.php script contains a debugging...

Ikonboard 3.x Multiple Remote SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11982/info Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An...

WordPress 1.2.1/1.2.2 moderation.php item_approved Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site...

phpGB 1.x SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5673/info phpGB is vulnerable to a SQL injection vulnerability. The cause of the issue is that the bulletin board relies on the PHP magicquotesgpc directive to sanitize variables that are used in SQL queries. If...

OneOrZero Helpdesk 1.4 TUpdate.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before including it in SQL...

MaxWebPortal 1.3 dl_toprated.asp SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

webid 0.5.4 - Multiple Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ ...

DUware DUamazon Pro 3.0/3.1 review.asp iPro Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

Joomla Component PBBooking 1.0.4_3 Multiple Blind SQL Injection

No description provided by source. PBBooking 1.0.43 Joomla Component Multiple Blind SQL Injection Name PBBooking Vendor http://sourceforge.net/projects/pbbooking/ Versions Affected 1.0.43 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmai...

MyBulletinBoard RC4 member.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14553/info MyBulletinBoard is prone to multiple SQL injection vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13382/info A remote SQL-injection vulnerability affects MetaCart2 because the application fails to properly sanitize user-supplied input before including it in SQL queries. An attacker may exploit this issue to manipulate...

PhpWebGallery 1.3.4/1.5.1 picture.php image_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15837/info PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attack...