4 matches found
EasyWeb 1.0 FileManager Module Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10792/info EasyWeb is prone to a directory traversal vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. The issue occurs if a remote attacker sends a request to the...
Dragonfly Commerce 1.0 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/14220/info Dragonfly Commerce is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a...
Invision Power Board 1.3 - 'SSI.php' SQL Injection
source: https://www.securityfocus.com/bid/10511/info Invision Power Board is reported prone to an SQL injection vulnerability in its 'ssi.php' script. Due to improper filtering of user supplied data, 'ssi.php' is exploitable by attackers to pass SQL statements to the underlying database. The impa...
ttCMS 2.2 ttForum 1.1 - news.php?template Remote File Inclusion
ttCMS 2.2 ttForum 1.1 - news.php?template Remote File Inclusion source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php...