Osclass 3.4.2 SQL Injection

------------------------------------------------------------------- Osclass = 3.4.2 Search::setJsonAlert SQL Injection Vulnerability ------------------------------------------------------------------- - Software Link: http://osclass.org/ - Affected Versions: Version 3.4.2 and probably prior...

PMB 4.1.3 - (Authenticated) SQL Injection

PMB 4.1.3 - Authenticated SQL Injection Exploit Title: PMB = 4.1.3 Post-Auth SQL Injection Vulnerability Google Dork: inurl:opaccss Date: 25-12-2014 Exploit Author: XD4rker Ismail Belkacim Email: xd4rkeratgmail.com Twitter: @xd4rker Vendor Homepage: http://www.sigb.net Software Link:...

Sql injection

SQL injection vulnerability in ajax/mailfunctions.php in the WP Symposium plugin before 14.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tray parameter in a getMailMessage action...

CVE-2014-8810

SQL injection vulnerability in ajax/mailfunctions.php in the WP Symposium plugin before 14.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tray parameter in a getMailMessage action...

CVE-2014-9115

SQL injection vulnerability in the ratepicture function in include/functionsrate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a...

CVE-2014-9115

SQL injection vulnerability in the ratepicture function in include/functionsrate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a...

Sql injection

SQL injection vulnerability in the ratepicture function in include/functionsrate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a...

CVE-2014-9115

SQL injection vulnerability in the ratepicture function in include/functionsrate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a...

CVE-2014-9258

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter...

Sql injection

SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2014-8248

SQL injection vulnerability in CA Release Automation formerly iTKO LISA Release Automation before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query...

CVE-2014-8248

SQL injection vulnerability in CA Release Automation formerly iTKO LISA Release Automation before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query...

CVE-2014-9057

SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Sql injection

SQL injection vulnerability in Php/Functions/logfunction.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header...

Sql injection

Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, v...

GLPI 0.85 - Blind SQL Injection

GLPI 0.85 - Blind SQL Injection Exploit Title: GLPI 0.85 Blind SQL Injection Date: 28-11-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link: https://forge.indepnet.net/attachments/download/1899/glpi-0.85.tar.gz CVE: CVE-2014-9258 Category...

CVE-2014-9347

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the wordsexact parameter...

CVE-2014-9345

SQL injection vulnerability in Guruperl.net Advertise With Pleasure! Professional aka AWP PRO 6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the groupid parameter in a listzone action to cgi/client.cgi...

Sql injection

SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to admin/robots.php...

Sql injection

SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a shortcodeproductstable action to wp-admin/admin-ajax.php...