Lucene search
K

141 matches found

Exploit DB
Exploit DB
added 2011/11/17 12:0 a.m.34 views

webERP 4.3.8 - '/reportwriter/ReportMaker.php?reportid' SQL Injection

source: https://www.securityfocus.com/bid/50713/info webERP is prone to information-disclosure, SQL-injection, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may exploit the information-disclosure issue to gain access to sensiti...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/07 12:0 a.m.18 views

Admin Bot - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/50562/info Admin Bot is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/10/11 12:0 a.m.13 views

Joomla! Component com_shop - id SQL Injection

Joomla! Component comshop - id SQL Injection source: https://www.securityfocus.com/bid/50043/info The 'comshop' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2011/07/15 12:0 a.m.12 views

Auto Web Toolbox - id SQL Injection

Auto Web Toolbox - id SQL Injection source: https://www.securityfocus.com/bid/48683/info Auto Web Toolbox is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker t...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/07/15 12:0 a.m.26 views

Joomla! Component com_newssearch - SQL Injection

source: https://www.securityfocus.com/bid/48698/info The 'comnewssearch' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/03/17 12:0 a.m.11 views

Joomla! 1.6 - Multiple SQL Injections

Joomla! 1.6 - Multiple SQL Injections source: https://www.securityfocus.com/bid/46846/info Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/14 12:0 a.m.17 views

BoutikOne - 'list.php?path' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/16 12:0 a.m.22 views

PHPRS - 'model-kits.php' SQL Injection

source: https://www.securityfocus.com/bid/45467/info phpRS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modif...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/11/30 12:0 a.m.12 views

BugTracker.NET 3.4.4 - SQL Injection Cross-Site Scripting

BugTracker.NET 3.4.4 - SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/45121/info BugTracker.NET is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these...

Exploits0
Exploit DB
Exploit DB
added 2010/11/16 12:0 a.m.20 views

Simea CMS - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/44878/info Simea CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

7AI score
Exploits0
exploitpack
exploitpack
added 2010/11/02 12:0 a.m.17 views

Online Work Order Suite - Login SQL Injection

Online Work Order Suite - Login SQL Injection source: https://www.securityfocus.com/bid/44608/info Online Work Order Suite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/11/01 12:0 a.m.19 views

Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010)

The version of Symantec IM Manager installed on the remote Windows host fails to sanitize input to the 'whereClause' parameter of the 'rdpageimlogic.aspx' script before using it in the 'LoggedInUsers.lgx' definition file to construct database queries. An unauthenticated attacker may be able to...

7.5CVSS5.8AI score0.05822EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2010/09/06 12:0 a.m.27 views

BlueCMS 1.6 - 'x-forwarded-for' Header SQL Injection

source: https://www.securityfocus.com/bid/42999/info BlueCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/25 12:0 a.m.19 views

AbleSpace 1.0 - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/41139/info AbleSpace is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/22 12:0 a.m.24 views

webConductor - 'default.asp' SQL Injection

source: https://www.securityfocus.com/bid/41042/info webConductor is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/04/28 12:0 a.m.11 views

Tele Datas Contact Management Server 0.9 - Username SQL Injection

Tele Datas Contact Management Server 0.9 - Username SQL Injection source: https://www.securityfocus.com/bid/39799/info The Tele Data's Contact Management Server is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/09 12:0 a.m.18 views

Viennabux Beta! - 'cat' SQL Injection

source: https://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/03/29 12:0 a.m.15 views

Joomla! Component com_weblinks - id SQL Injection

Joomla! Component comweblinks - id SQL Injection source: https://www.securityfocus.com/bid/39032/info The 'comweblinks' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/21 12:0 a.m.20 views

Web Cocoon simpleCMS - 'show.php' SQL Injection

source: https://www.securityfocus.com/bid/41526/info Web Cocoon simpleCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/20 12:0 a.m.37 views

Log Rover pword Parameter SQL Injection

The remote host is running Log Rover, an ASP application for analyzing web server log files. The web interface included with the version of Log Rover installed on the remote host fails to sanitize user-supplied input to the 'pword' parameter of the 'login.asp' script before using it to construct...

7.5CVSS5.5AI score0.01851EPSS
Exploits1References2
Rows per page
Query Builder