Bitweaver 1.x fisheye/list_galleries.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection

source: https://www.securityfocus.com/bid/20988/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple HTML-injection issues and multiple SQL-injection issues. A successful...