10478 matches found
VWar 1.x war.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...
PostNuke 0.6x/0.7x NS-Languages Module language Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to...
Visuplay CMS Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33209/info Visuplay CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Land Down Under 700/701/800/801 index.php c Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14685/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
PunBB 1.x SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20786/info PunBB is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to execute arbitrary script code in the context of...
Rapid Classified 3.1 search.asp SH1 Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...
Dark Age CMS 2.0 'login.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33271/info Dark Age CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
X-Changer 0.20 Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17322/info X-Changer is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
A-FAQ 1.0 faqDsp.asp catcode Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15741/info A-FAQ is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
V3 Chat Instant Messenger - mail/index.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
V3 Chat Instant Messenger - online.php site_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
V3 Chat Instant Messenger - mail/reply.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
OpenX 2.6.1 SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37913/info OpenX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Klf-Realty 2.0 detail.asp property_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21199/info Klf-Realty is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Active Bids search.asp search Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allow...
RedCMS 0.1 register.php Multiple Field XSS
No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...
Tyger Bug Tracking System 1.1.3 Register.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize...
PHPJournaler 1.0 Readold Variable SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16111/info PHPjournaler is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Link Exchange Lite 1.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21225/info Link Exchange Lite is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacke...
Blog Manager inc_webblogmanager.asp CategoryID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...