CVE-2010-0225
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Design/Logic Flaw
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Design/Logic Flaw
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Joomla! Component DM Orders - id SQL Injection
Joomla! Component DM Orders - id SQL Injection source: https://www.securityfocus.com/bid/37655/info The DM Orders component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
Movable Type access restriction bypass vulnerability
Overview Movable Type contains an access restriction bypass vulnerability. Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. This vulnerability is different from JVN08369659. Impact A remote attacker may view or...
Pay Per Minute Video Chat Script 2.x - SQL Injection Multiple Cross-Site Scripting Vulnerabilities
Pay Per Minute Video Chat Script 2.x - SQL Injection Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/40585/info Pay Per Minute Video Chat Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to...
Freewebscriptz Online Games Login - Multiple SQL Injections
Freewebscriptz Online Games Login - Multiple SQL Injections source: https://www.securityfocus.com/bid/41267/info Free Web Script'z Online Games is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/37513/info FreeWebshop is prone to multiple remote vulnerabilities: 1. A security vulnerability that may allow attackers to spoof HTTP headers. 2. A security vulnerability involving the handling of...
pragmaMX 0.1.11 - modules.php Multiple SQL Injections
pragmaMX 0.1.11 - modules.php Multiple SQL Injections source: https://www.securityfocus.com/bid/41523/info pragmaMX is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow ...
Family Connections Multiple Input Validation Vulnerabilities
Family Connections is prone to multiple input-validation vulnerabilities, including a local file-include issue, an arbitrary file-upload issue, and multiple SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. Exploiting these issues ma...
Family Connections <= 2.1.3 Multiple Input Validation Vulnerabilities
Family Connections is prone to multiple input-validation vulnerabilities, including a local file include (LFI) issue, an arbitrary file-upload issue, and multiple SQL injection (SQLi) issues. These issues occur because the application fails to properly sanitize user-supplied input...
Sugar CRM 5.5.0.RC2 and 5.2.0j Multiple Remote Vulnerabilities
No description provided by source. Author: Janek Vind 'waraxe' Vulnerable: SugarCRM SugarCRM 5.5.0.RC2 SugarCRM SugarCRM 5.2.0j Product: http://www.sugarcrm.com/crm/ Description: SugarCRM is prone to multiple remote vulnerabilities, including: 1. Multiple SQL-injection vulnerabilities 2. Multiple...
CyberCMS - 'faq.php' SQL Injection
source: https://www.securityfocus.com/bid/39698/info Cyber CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
DEBIAN-CVE-2009-4076
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that modify user information via unspecified vectors, a different vulnerability than CVE-2009-4077...
Basic Analysis and Security Engine Multiple Input Validation Vulnerabilities
Basic Analysis and Security Engine (BASE) is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include an SQL-injection issue, a cross-site scripting issue, and a local file-include issue...
OpenDocMan 1.2.5 - user.php Cross-Site Scripting
OpenDocMan 1.2.5 - user.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
OpenDocMan 1.2.5 - department.php Cross-Site Scripting
OpenDocMan 1.2.5 - department.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
OpenDocMan 1.2.5 - 'rejects.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...
OpenDocMan 1.2.5 - view_file.php Cross-Site Scripting
OpenDocMan 1.2.5 - view_file.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
OpenDocMan 1.2.5 - index.php?last_message Cross-Site Scripting
OpenDocMan 1.2.5 - index.php?last_message Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these...