CartWIZ 1.10 ProductDetails.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13332/info CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to utilizing the data in an SQL query. Successful exploitatio...

Bitweaver 1.x fisheye/list_galleries.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

Efestech E-Kontor - 'id' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28412/info Efestech E-Kontor is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Qualiteam X-Cart 4.0.8 orders.php mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...

QuickPayPro 3.1 customer.tickets.view.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15863/info QuickPayPro is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

Joomla! and Mambo 'com_sg' Component - 'pid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27821/info The Joomla! and Mambo 'comsg' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...

QuickPayPro 3.1 design.php delete Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15863/info QuickPayPro is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

Joomla! and Mambo 'com_is' 1.0.1 Component Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30063/info The 'comis' component for Joomla! and Mambo is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issu...

CartWIZ 1.10 ProductCatalogSubCats.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13331/info CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to utilizing the data in an SQL query. Successful exploitatio...

Yellow Swordfish Simple Forum 1.7/1.9 'index.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27824/info Simple Forum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

Zoph 0.7.2.1 Unspecified SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...

Bitweaver 1.x fisheye/index.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

CubeCart 3.0.x /admin/print_order.php order_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...

Messageriescripthp 2.0 existepseudo.php pseudo Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21513/info Messageriescripthp is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

CubeCart 3.0.x admin/print_order.php order_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...

Dokeos <= 1.8.4 main/create_course/add_course.php tutor_name Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

microBlog 2.0 Index.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16270/info microBlog is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitatio...

XlentProjects SphereCMS 1.1 'archive.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38309/info SphereCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

SoftBiz Web Hosting Directory Script 1.1 search_result.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...

Joomla! and Mambo com_profile Component - 'oid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27851/info The Joomla! and Mambo 'comprofile' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...