Novell ZENworks Configuration Management schedule.ScheduleQuery SQL Injection (CVE-2015-0782)
An SQL injection vulnerability exists in ZENworks Configuration Management. The vulnerability is due to insufficient sanitization of a request parameter in the run method of the ScheduleQuery class before using the parameter in SQL queries. A remote, unauthenticated attacker can exploit this...
Novell ZENworks Configuration Management GetStoredResult.class SQL Injection (CVE-2015-0780)
An SQL injection vulnerability exists in ZENworks Configuration Management. The vulnerability is due to insufficient sanitization of the input parameter in the GetReRequestData method of the GetStoredResult class before it is used in an SQL query. A remote attacker can exploit this vulnerability ...
People Joomla Component 1.0.0 - SQL Injection Vulnerability
No description provided by source. People Joomla Component 1.0.0 SQL Injection Vulnerability. Name: People. Vendor: http://www.ptt-solution.com. Versions Affected: 1.0.0. Author: Salvatore Fresta aka Drosophila. Website: http://www.salvatorefresta.net. Contact: salvatorefresta at gmail dot com. Date: 2011-01-1...
Joomla Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injection
No description provided by source. PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection. Name: PhotoMap Gallery. Vendor: http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10658. Versions Affected: 1.6.0. Author: Salvatore Fresta aka Drosophila. Website...
GLPI 0.83.8 SQL Injection Vulnerability
GLPI version 0.83.8 suffers from multiple error-based SQL injection vulnerabilities. Input passed via the POST parameter 'usersidassign' in '/ajax/ticketassigninformation.php' script, POST parameter 'filename' in '/front/document.form.php' script, and POST parameter 'table' in...
WHMCS <= 4.5.2 SQLi Vulnerability
WHMCS is prone to an SQL injection (SQLi) vulnerability.
b2ePms 1.0 - Authentication Bypass
b2ePMS 1.0 Authentication Bypass Vulnerability. Discovered by: Jean Pascal Pereira. Vendor Information: "b2ePMS stands for Browser to Email Phone Message System. It is intended to replace the standard paper/carbon phone message slips commonly used in offices, with the capability of sending the...
ArticleSetup <= 1.11 Multiple Vulnerabilities - Active Check
ArticleSetup is prone to multiple cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities.
Joomla 'com_easyfaq' Component Multiple SQL Injection Vulnerabilities
This host is running Joomla EasyFAQ component and is prone to multiple SQL injection vulnerabilities.
Joomla com_x-shop 'idd' Parameter SQL Injection Vulnerability
This host is running Joomla x-shop component and is prone to an SQL injection vulnerability.
Ileys Web Control SQL Injection Vulnerability
Ileys Web Control is prone to an SQL injection (SQLi) vulnerability.
SQL injection in Social Slider
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Social Slider, which can be exploited to perform SQL injection attacks. 1) SQL Injection Vulnerability in Social Slider: Input passed via the "rA" POST parameter to /wp-content/plugins/social-slider-2/ajax.php is not properly...
Joomla! com_maianmedia Component 'cat' Parameter SQL Injection Vulnerability
This host is installed with Joomla! with Maian Media Silver Component and is prone to multiple SQL injection vulnerabilities.
Joomla TimeTrack 1.2.4 SQL Injection
TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities. Name: TimeTrack. Vendor: http://www.itrn.de. Versions Affected: 1.2.4. Author: Salvatore Fresta aka Drosophila. Website: http://www.salvatorefresta.net. Contact: salvatorefresta at gmail dot com. Date: 2010-09-22. X. INDEX I. ABOUT THE...
phpRAINCHECK 'print_raincheck.php' SQL injection vulnerability
phpRAINCHECK is prone to an SQL injection vulnerability.
Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (CVE-2008-3979)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects such as procedures, functions, triggers, variables, constants, cursors, and exceptions, are provided in order t...
GLSA-200710-13 : Ampache: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200710-13 (Ampache: Multiple vulnerabilities). LT discovered that the 'match' parameter in albums.php is not properly sanitized before being processed. The Ampache development team also reported an error when handling user sessions...
wordpress -- XMLRPC SQL Injection
Secunia reports: Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...
mambo -- SQL injection vulnerabilities
The Team Mambo reports that two SQL injection vulnerabilities have been found in Mambo. The vulnerabilities exist due to missing sanitation of the title and catid parameters in the weblinks.php page and can lead to execution of arbitrary SQL code...
PluggedOut Nexus SQL injection
Nexus is an open source script you can run on your web server to give you a community based website where people can register, search each other's interests, and communicate with one another either through a private messaging system, or via chat requests and forums...