7 matches found
The vulnerability of the set function in the structured data search package SDS of the package manager NPM allows an attacker to execute arbitrary code.
The vulnerability of the set function in the structured data search package SDS of the package manager NPM arises due to insufficient cleaning of the data provided by users. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
20/20 Real Estate 3.2 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21153/info 20/20 Real Estate is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker...
MyJobList 0.1.3 - eid SQL Injection
MyJobList 0.1.3 - eid SQL Injection source: https://www.securityfocus.com/bid/52168/info MyJobList is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...
Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities
Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30542/info Pluck is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
RunCMS 1.6.1 - bbPath[root_theme] Remote File Inclusion
RunCMS 1.6.1 - bbPath[root_theme] Remote File Inclusion source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
RobotStats 0.1 - 'graph.php?DOCUMENT_ROOT' Remote File Inclusion
source: https://www.securityfocus.com/bid/28615/info RobotStats is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attac...
uPhotoGallery 1.1 - 'thumbnails.asp?ci' SQL Injection
source: https://www.securityfocus.com/bid/21319/info uPhotoGallery is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access...