ACG News 1.0 index.php Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25466/info ACG News is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to...

Vastal I-Tech DVD Zone view_mag.php mag_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to stea...

Land Down Under 800/801 forums.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14618/info Land Down Under is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation may allow the...

Cerberus Helpdesk 2.649 cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16062/info Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are the result of inadequate validation of user-supplied input that will be included in site output or...

OaBoard 1.0 Forum.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15245/info OaBoard is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in ...

Pragmatic Utopia PU Arcade <= 2.2 - 'gid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28701/info PU Arcade is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Domain Verkaus & Auktions Portal 'index.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38737/info Domain Verkaus & Auktions Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

Seir Anphin V666 Community Management System - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19244/info Seir Anphin V666 Community Management System is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These...

Snitz Forums 2000 3.x Members.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4558/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL. It i...

Jupiter CMS 1.1.4/1.1.5 modules/mass-email.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input...

NPDS 4.8/5.0 comments.php thold Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13649/info NPDS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter. Successful exploitation could result in a...

WordPress Plugin ShiftThis Newsletter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27586/info The ShiftThis Newsletter plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

Enthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

XMB Forum 1.9.3 Post.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15267/info XMB Nexus Forum is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...

ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

Web4Future eDating Professional 5.0 fq.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15715/info eDating Professional is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

TurnkeyWebTools SunShop Shopping Cart 4.0 index.php l Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal...

Cezanne 7 - CFLookup.asp FUNID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/28773/info Cezanne Software is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker ...

PHPMySpace Gold 8.0 'gid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37881/info PHPMySpace Gold is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

JPortal Web Portal 2.2.1/2.3.1 news.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitation could result in a...