UGroup 2.6.2 forum.php FORUM_ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15591/info UGroup is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Comparison Engine Power 1.0 'product.comparision.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34232/info Comparison Engine Power is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29261/info The 'KuiraniKerim' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow ...
PHP-Fusion 4.0/5.0/6.0 Messages.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14489/info PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'messages.php' script before using it in an SQL query...
Koobi Pro 5.6 showtopic Module toid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/18970/info Koobi Pro is prone to a cross-site scripting issue and an SQL-injection issue because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could allow an...
eXtrovert software Thyme 1.3 'pick_users.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31063/info eXtrovert software Thyme is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...
Mega Mall product_review.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Xt-News 0.1 add_comment.php id_news Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...
Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
ModernBill 4.3 User.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17596/info ModernBill is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allo...
Miraserver 1.0 RC4 newsitem.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15960/info Miraserver is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Vikingboard 0.1 Topic.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19919/info Vikingboard is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. This may allow an attacker to compromise the application, access or modify data, or exploit...
LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13998/info StoreFront Shopping Cart is affected by an SQL injection vulnerability. The vulnerability affects the 'login.asp' script. Successful exploitation could result in a compromise of the application, disclosure or...
MGinternet Property Site Manager listings.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An...
Bitweaver 1.1.1 view_post.php post_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
Joomla! and Mambo 'com_hello_world' Component - 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27956/info The Joomla! and Mambo 'com_hello_world' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...
MyBB 1.0.3 Moderation.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16538/info MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploitation can allow an attacker to bypass authentication and gain...
Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing
No description provided by source. source: http://www.securityfocus.com/bid/23574/info Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include a SQL-injection vulnerability and multiple cross-site scriptin...