31 matches found
PAFileDB 1.1.3/2.1.1/3.0/3.1 - category.php?start Cross-Site Scripting
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts...
PAFileDB 1.1.3/2.1.1/3.0/3.1 - viewall.php?start SQL Injection
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitation of...
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' Cross-Site Scripting
source: https://www.securityfocus.com/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts. Exploitation of these issues may allow for compromise of the software, sessio...
paFAQBeta4.txt
PersianHacker.NET 200505-07 paFAQ Beta4 Sql Injection Date: 2005 February Bug Number: 07 paFAQ is a feature rich FAQ/Knowledge base system allowing webmasters to keep an organized database of Frequently Asked Questions. paFAQ also makes a great Knowledge Database for problems and solutions relate...
FreezingCold Broadboard - 'profile.asp' SQL Injection
source: https://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query. An attacker may...
Oracle E-Business Suite SQL Injection vulnerabilities
Overview: Oracle E-Business Suite fails to filter user input, permitting the exploitation of SQL injection vulnerabilities. These vulnerabilities may allow a remote attacker to execute procedures or SQL queries and updates on the vulnerable database application. Description: According to the Oracle...
PHProfession 2.5 - upload.php Direct Request Full Path Disclosure
source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabiliti...
NukeCalendar 1.1.a - block-Calendar_center.php Full Path Disclosure
source: https://www.securityfocus.com/bid/10082/info NukeCalendar, which is a third-party calendar module for PHP-Nuke, is prone to multiple vulnerabilities. These issues include path disclosure, SQL injection and cross-site...
NukeCalendar 1.1.a - 'block-calendar.php' Full Path Disclosure
source: https://www.securityfocus.com/bid/10082/info NukeCalendar, which is a third-party calendar module for PHP-Nuke, is prone to multiple vulnerabilities. These issues include path disclosure, SQL injection and cross-site scripting. Possible consequences include disclosure of sensitive...
NukeCalendar 1.1.a - eid Cross-Site Scripting
source: https://www.securityfocus.com/bid/10082/info NukeCalendar, which is a third-party calendar module for PHP-Nuke, is prone to multiple vulnerabilities. These issues include path disclosure, SQL injection and cross-site scripting. Possible...
Mambo Open Source 4.0.14 Server - SQL Injection
source: https://www.securityfocus.com/bid/9196/info It has been reported that Mambo Open Source 4.0.14 Server is prone to SQL injection attacks. The problem is said to occur due to insufficient sanitization of data passed to specific index.php variables. As a result, an attacker may be capable of...