VOXTRONIC Voxlog Professional 3.7.x - userlogdetail.php?idclient SQL Injection

VOXTRONIC Voxlog Professional 3.7.x - userlogdetail.php?idclient SQL Injection source: https://www.securityfocus.com/bid/52081/info VOXTRONIC Voxlog Professional is prone to a file-disclosure vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize...

VOXTRONIC Voxlog Professional 3.7.x - 'get.php?v' Arbitrary File Access

source: https://www.securityfocus.com/bid/52081/info VOXTRONIC Voxlog Professional is prone to a file-disclosure vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An remote attacker can exploit these issues to obtain potentially...

Zoho ManageEngine Applications Manager Multiple XSS and SQL Injection Vulnerabilities

This host is running Zoho ManageEngine Applications Manager and is prone to multiple cross site scripting and SQL injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbmanageengineapplicationsmanagermultxssnsqlinjvuln.nasl 5912 2017-04-10 09:01:51Z teissa $ Zoho ManageEngine Applications...

Powie pFile 1.02 - pfilefile.php?id SQL Injection

Powie pFile 1.02 - pfilefile.php?id SQL Injection source: https://www.securityfocus.com/bid/51982/info pfile is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Exploiting these issues could allow an attack...

Dolibarr ERP/CRM 3.x - '/adherents/fiche.php' SQL Injection

source: https://www.securityfocus.com/bid/51956/info Dolibarr is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

4Images 1.7.10 - admincategories.php?cat_parent_id SQL Injection

4Images 1.7.10 - admincategories.php?catparentid SQL Injection source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

4Images 1.7.10 - admincategories.php?cat_parent_id Cross-Site Scripting

4Images 1.7.10 - admincategories.php?catparentid Cross-Site Scripting source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

4Images 1.7.10 - adminindex.php?redirect Arbitrary Site Redirect

4Images 1.7.10 - adminindex.php?redirect Arbitrary Site Redirect source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

4Images 1.7.10 - '/admin/categories.php?cat_parent_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection vulnerability. An attacker may leverage these issues to perform spoofing...

Joomla! Component com_motor - cid SQL Injection

Joomla! Component commotor - cid SQL Injection source: https://www.securityfocus.com/bid/51673/info The 'commotor' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

Joomla! Component com_products - Multiple SQL Injections

Joomla! Component comproducts - Multiple SQL Injections source: https://www.securityfocus.com/bid/51674/info The 'comproducts' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...

Ultimate Locator - radius SQL Injection

Ultimate Locator - radius SQL Injection source: https://www.securityfocus.com/bid/51653/info Ultimate Locator is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Joomla! Component com_car - Multiple SQL Injections

Joomla! Component comcar - Multiple SQL Injections source: https://www.securityfocus.com/bid/51620/info The 'comcar' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...

Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/51617/info The 'comsanpham' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromis...

Joomla! Component com_car - Multiple SQL Injections

source: https://www.securityfocus.com/bid/51620/info The 'comcar' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise th...

Snitz Forums 2000 - 'TOPIC_ID' SQL Injection

source: https://www.securityfocus.com/bid/51596/info Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modi...

PostNuke pnAddressbook Module - id SQL Injection

PostNuke pnAddressbook Module - id SQL Injection source: https://www.securityfocus.com/bid/51566/info The pnAddressbook module for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issu...

MMORPG Zone - view_news.php SQL Injection

MMORPG Zone - viewnews.php SQL Injection source: https://www.securityfocus.com/bid/51532/info MMORPG Zone is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

MMORPG Zone - 'view_news.php' SQL Injection

source: https://www.securityfocus.com/bid/51532/info MMORPG Zone is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

Contus Job Portal - Category SQL Injection

Contus Job Portal - Category SQL Injection source: https://www.securityfocus.com/bid/51404/info Contus Job Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to...