19 matches found
CartWIZ 1.10 ProductCatalogSubCats.ASP SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/13331/info CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to utilizing the data in an SQL query. Successful exploitatio...
Qualiteam X-Cart 3.x upgrade.php perl_binary Parameter Arbitrary Command Execution
source: http://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values...
ProjectBB 0.4.5 .1 - Multiple Remote Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/12709/info ProjectBB is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. As a result of these...
INCOGEN Bugport 1.x Multiple SQL Injection Vulnerabilities
source: http://www.securityfocus.com/bid/16121/info Bugport is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
Active Auction House Default.ASP Multiple SQL Injection Vulnerabilities
source: http://www.securityfocus.com/bid/13032/info Active Auction House is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL querie...
FlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities
source: http://www.securityfocus.com/bid/15172/info FlatNuke is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...
Netrw Vim Script 's:BrowserMaps()' Command Execution Vulnerability
source: http://www.securityfocus.com/bid/30254/info Netrw is prone to a command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue can allow an attacker to execute arbitrary...
Claroline 1.x Rqmkhtml.PHP Information Disclosure Vulnerability
source: http://www.securityfocus.com/bid/17343/info Claroline is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...
Spread The Word Multiple SQL Injection Vulnerabilities
source: http://www.securityfocus.com/bid/13737/info Spread The Word is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
Scrutinizer 9.0.1.19899 - Arbitrary File Upload
source: https://www.securityfocus.com/bid/54726/info Scrutinizer is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may...
Douran Portal <= 3.9.7.8 Arbitrary File Download Vulnerability
Douran Portal is prone to a vulnerability that lets attackers download arbitrary files. This issue occurs because the application fails to sufficiently sanitize user-supplied input. Copyright (C) 2011 Greenbone Networks GmbH
DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion
source: https://www.securityfocus.com/bid/17756/info DMCounter is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...
Scry Gallery - Directory Traversal
source: https://www.securityfocus.com/bid/17649/info Scry Gallery is prone to a directory-traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable...
Claroline 1.x - 'rqmkhtml.php' Information Disclosure
source: https://www.securityfocus.com/bid/17343/info Claroline is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerabl...
Fog Creek Software FogBugz 4.0 29 - default.asp Cross-Site Scripting
source: https://www.securityfocus.com/bid/16216/info FogBugz is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
Hylafax 4.1/4.2 (Multiple Scripts) - Remote Command Execution
source: https://www.securityfocus.com/bid/16151/info HylaFAX is vulnerable to multiple arbitrary command-execution vulnerabilities. This issue is due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities allow an attacker to execute arbitrary commands in...
McAfee IntruShield Security Management System - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/14167/info McAfee IntruShield Security Management System is susceptible to multiple vulnerabilities. The first two issues are cross-site scripting vulnerabilities in the...
SquirrelMail 1.2.x - From Email Header HTML Injection
source: https://www.securityfocus.com/bid/10450/info SquirrelMail is reported to be prone to a 'from' field email header HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied email...