204 matches found
CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection
No description provided by source. source: http://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the...
Yerba SACphp <= 6.3 - Multiple Vulnerabilities
No description provided by source. Yerba SACphp <= 6.3 Multiple Remote Vulnerabilities. Discovered By StAkeR - StAkeRathotmaildotit. Discovered On 07/10/2008...
IPBProArcade 2.5 - Remote SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...
AlstraSoft Web Host Directory 1.2 - Multiple Vulnerabilities
No description provided by source...
OpenEMR 4.0.0 - Multiple Vulnerabilities
No description provided by source. Software: OpenEMR 4.0.0; Vulnerability: Local File Inclusion; Threat Level: Critical 4/5; Download: http://www.oemr.org/; Discovery...
Invision Power Board 2.0 Index.PHP Post Action SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11703/info A remote SQL injection vulnerability affects Invision Power Board. This issue is due to a failure of the application to properly validate user-supplied input prior to using it in an SQL query. An attacker may...
UBUNTU-CVE-2014-2708
Multiple SQL injection vulnerabilities in graphxport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graphstart, (2) graphend, (3) graphheight, (4) graphwidth, (5) graphnolegend, (6) printsource, (7) localgraphid, or (8) rraid parameter...
DEBIAN-CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static...
UBUNTU-CVE-2011-4899
DISPUTED wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct...
CVE-2010-4958
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
OpenEMR 4.0.0 Multiple Vulnerabilities
Exploit for php platform in category web applications. Software: OpenEMR 4.0.0; Vulnerability: Local File Inclusion; Threat Level: Critical 4/5; Download: http://www.oemr.org/...
OpenEMR 4.0.0 - Multiple Vulnerabilities
Software: OpenEMR 4.0.0; Vulnerability: Local File Inclusion; Threat Level: Critical 4/5; Download: http://www.oemr.org/; Discovery Date: 4/2/2011; Tested...
OpenEMR 4.0.0 Database Manipulation
Software: OpenEMR 4.0.0; Vulnerability: Arbitrary Database Creation/Database Enumeration; Threat Level: Low 1/5; Download: http://www.oemr.org/; Discovery Date: 4/2/2011...
Directory traversal
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involvi...
CVE-2010-1391
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involvi...
CVE-2010-1391
Removed by vendor...
PT-2010-2453 · Fonality · Fonality Trixbox
Name of the Vulnerable Software and Affected Versions: Fonality Trixbox version 2.2.4 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the ID parameter in the /cisco/services/PhonecDirectory.php API endpoint. Recommendations: For Fonality...
Uebimiau Webmail 3.2.0-2.0 Arbitrary Database Disclosure Vuln
Exploit for unknown platform in category web applications. Uebimiau Webmail 3.2.0-2.0 Arbitrary Database Disclosure Vuln. +Script Name : Uebimiau Webmail v3.2.0-2.0 +Bug Type ...
Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure
+Script Name : Uebimiau Webmail v3.2.0-2.0 +Bug Type : Arbitrary Admins Database Disclosure Vulnerability +D0rk : "Uebimiau Webmail v3.2.0-2.0" +Author : Septemb0x +Greetz : BHDR & BARCOD3 & MUHADRAM - Thanks : www.gonulerleri.org +Note : I wish the entire Muslim community a blessed Ramadan...
Knigman Shop Script Database Config Disclosure
Application Name : Knigman Shop Script Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability Infection : SQL Info Get... Author : Septemb0x Script Down.& WebSite : http://knigman.net/buy.php?tovid=22764 & http://s2.dosya.tc/knigman.zip.html EXPLOIT : http://target/path/config.inc G...