PHPLinks Multiple Input Validation Vulnerabilities

The remote host is running PHPLinks, a link manager written in PHP. The remote version of this software has multiple input validation vulnerabilities that may allow an attacker to execute arbitrary SQL statements against the remote host or to execute arbitrary PHP code. %NASLMINLEVEL 70300 C...

ITA Forum Multiple Scripts SQL Injection

The remote host is running ITA Forum, a forum software written in PHP. There is a SQL injection issue in the remote version of this software which may allow an attacker to execute arbitrary SQL statements on the remote host and to potentially overwrite arbitrary files on the remote system, by...

CVE-2004-1383

Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the 1 order, 2 projectid, 3 promain, or 4 hoursid parameters to index.php or 5 ticketid to viewticketdetails.php...

CVE-2004-2056

SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter...

CVE-2004-2057

SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements...

CVE-2004-1401

SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter...

CVE-2004-1553

SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via 1 the username field on the login page or 2 the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName paramet...

UBB.threads dosearch.php SQL injection

There is a SQL injection issue in the remote version of UBB.threads that may allow an attacker to execute arbitrary SQL statements on the remote host and potentially overwrite arbitrary files there by sending a malformed value to the 'Name' argument of the file 'dosearch.php'. %NASLMINLEVEL 70300...

CVE-2004-1608

SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation...

CVE-2004-0521

SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abookdatabase.php...

Comersus Cart 5.0 - SQL Injection

Comersus Cart 5.0 - SQL Injection source: https://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...

CVE-2004-0732

SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter...

CVE-2003-0845

CVE-2003-0845 is addressed by Red Hat/RHEL 5 security updates RHSA-2007:1048 for openoffice.org and hsqldb. The connected advisories state that HSQLDB could allow remote command execution via a port (tcp 9001) when used with OpenOffice.org Base, stemming from two issues: (1) HSQLDB lacking a pass...

CVE-2002-1457

SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter...