291 matches found
[Full-disclosure] GaesteChaos <= 0.2 Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: GaesteChaos = 0.2 Multiple Vulnerabilities Release Date: 2006/08/04 Last Modified: 2006/08/03 Author: Tamriel tamriel at gmx dot net Application: GaesteChaos = 0.2 Risk: Moderate Vendor Status: not contacted Vendor Site: www.chaossoft.de...
Geodesic Solutions (Multiple Products) - index.php?b SQL Injection
Geodesic Solutions Multiple Products - index.php?b SQL Injection source: https://www.securityfocus.com/bid/19093/info GeodesicSolutions products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL...
4Images 1.7.1 - top.php?sessionid SQL Injection
4Images 1.7.1 - top.php?sessionid SQL Injection source: https://www.securityfocus.com/bid/17748/info 4Images is prone to multiple, unspecified SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL...
Sql injection
SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 authusername and possibly the 2 authpassword cookie...
D3Jeeb Pro 3 - catogary.php?catid SQL Injection
D3Jeeb Pro 3 - catogary.php?catid SQL Injection source: https://www.securityfocus.com/bid/16853/info D3Jeeb is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
CVE-2006-0410
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings...
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote attackers to execute arbitrary SQL commands via 1 the password and username parameters in advertiser.php, 2 the aid parameter in announcement.php, 3 the dcp5memberid, year, agid, day, days, hour, minute,...
SoftBiz Web Hosting Directory Script 1.1 - 'review.php?sbres_id' SQL Injection
source: https://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resul...
OTRS 2.0 - AgentTicketPlain Action Multiple SQL Injections
OTRS 2.0 - AgentTicketPlain Action Multiple SQL Injections source: https://www.securityfocus.com/bid/15537/info OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to...
CVE-2005-3075
SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
PhpList Sql Injection and Path Disclosure
----------------------------------------- PhpList Sql Injection and Path Disclosure ----------------------------------------- Vulnerabilities --------------- 1 There is an sql injection in the id parameter of publichtml/lists/admin/?page=admin&id=INJECT HERE 2 Because of the heavy use of classes...