Huge-IT Catalog Extension SQL Injection Vulnerability in Joomla!

Joomla! is an open source content management system CMS developed by the Open Source Matters team in the U.S. Huge-IT Catalog is one of the extensions that showcases products in the most attractive way. A SQL injection vulnerability exists in version 1.0.7 of the Joomla! Huge-IT Catalog extension...

Categorizator 0.3.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Categorizator 0.3.1 | SQL Injection Date: 03/09/16 Exploit Author: Wad Deek Vendor Homepage: http://lelogiciellibre.net/telecharger/annuaire-web.php Software Link:...

SetucoCMS vulnerable to SQL injection

Overview SetucoCMS provided by SetucoCMS Project is a content management system CMS. SetucoCMS contains an SQL injection vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning partnership. Impact An arbitrary...

Sql injection

SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485...

BalkanSys CMS show_pageID SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title : BalkanSys CMS showpageID SQL injection Exploit Author : xBADGIRL21 Dork : inurl:/?act=showpage or inurl:/?act=showpage "Balkansys" Category: Webapps version: BalkanSys CMS 2.x - 3.x Tested on: Linux | Windows Vendore :...

MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities

Exploit for asp platform in category web applications Security Advisory -- Multiple Vulnerabilities - MuM Map Edit Product Vendor: Mensch und Maschine Software SE / Mensch und Maschine acadGraph GmbH Product: MapEdit Affected software version: 3.2.6.0 MuM MapEdit provides geodata to the internet...

CVE-2016-5843

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System OTRS allow remote attackers to execute arbitrary SQL commands via crafted search parameters...

WordPress MailPoet Newsletters Plugin <= 2.7.2 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

CVE-2016-6195

SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...

Sql injection

SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field...

CVE-2016-5048

SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field...

CVE-2016-5817

Navis WebAccess (Navis, a Navis/Navis, Inc. product) is affected by CVE-2016-5817, a SQL injection vulnerability in news pages that allowed remote attackers to execute arbitrary SQL via unspecified vectors. The vulnerability targets WebAccess versions prior to the August 10, 2016 patch release; N...

CVE-2016-5792

SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...

CVE-2016-5792

SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...

Sql injection

SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...

CVE-2016-4999

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the 1 Data Set Authoring or 2...

Sql injection

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the 1 Data Set Authoring or 2...

Huge-IT Portfolio Gallery manager SQL Injection Vulnerability

Huge-IT Portfolio Gallery manager is Huge-IT team developed an extension plugin for Joomla! in the management and display of photos, videos and so on. A SQL injection vulnerability exists in Huge-IT Portfolio Gallery manager v1.1.5. An attacker can exploit this vulnerability to inject arbitrary S...

CVE-2016-4837

SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2016-4837

SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...