324 matches found
NeoBill 0.9-alpha - language Local File Inclusion
source: https://www.securityfocus.com/bid/64112/info NeoBill is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application,...
Ziteman CMS - Login Page SQL Injection
source: https://www.securityfocus.com/bid/62949/info Ziteman CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Multiple SQL Injections
source: https://www.securityfocus.com/bid/62790/info Open Source SIEM OSSIM is prone to multiple SQL-injection vulnerabilities. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Open Sourc...
Monstra CMS 1.2.0 - login SQL Injection
source: https://www.securityfocus.com/bid/62572/info Monstra CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
dBlog CMS - m SQL Injection
source: https://www.securityfocus.com/bid/62146/info dBlog CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
ScriptCase - 'scelta_categoria.php' SQL Injection
source: https://www.securityfocus.com/bid/60461/info ScriptCase is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
PHP Address Book - addressbookregisteredit_user_save.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/58911/info PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may allow an...
PHP Address Book - addressbookregisterreset_password_save.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/58911/info PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may allo...
Sourcefabric Newscoop - f_email SQL Injection
source: https://www.securityfocus.com/bid/56800/info Newscoop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
WordPress Wp Image Zoom Theme - SQL Injection
This WordPress Wp Image Zoom theme's "id" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution: Update the theme...
WordPress Facebook Survey Plugin 1.0 - SQL Injection
This WordPress Facebook Survey plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution: Filter the "id" input or use the intval PHP function to make sure...
VeriCentre - Multiple SQL Injections
source: https://www.securityfocus.com/bid/56409/info VeriCentre is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, acce...
VicBlog - Multiple SQL Injections
source: https://www.securityfocus.com/bid/56307/info VicBlog is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access ...
Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/55424/info ExtCalendar is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application, acces...
Elite Bulletin Board - Multiple SQL Injections
source: https://www.securityfocus.com/bid/54452/info Elite Bulletin Board is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
Elite Bulletin Board - Multiple SQL Injections
source: https://www.securityfocus.com/bid/54452/info Elite Bulletin Board is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Discuz! 7.00 + 7.1 + 7.2 database exploit
Exploit for php platform in category web applications Exploit Title: Discuz! 7.00 + 7.1 + 7.2 database exploit Author: Over-X email: email protected Vendor or Software Link: http://download.comsenz.com/Discuz/7.0.0/Discuz7.0.0FULLSCGBK.zip Version: 7.00 & 7.1 & 7.2 Google dork: "powered by Discuz...
Simple Document Management System 1.1.5 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/54043/info Simple Document Management System is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an...
Simple Document Management System 1.1.5 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/54043/info Simple Document Management System is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
MyBB 1.6.8 - 'member.php' SQL Injection
source: https://www.securityfocus.com/bid/53814/info MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify...