CVE-2020-25990

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'displayname' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

PHP-Nuke Sections Module - artid SQL Injection

PHP-Nuke Sections Module - artid SQL Injection source: https://www.securityfocus.com/bid/27879/info The PHP-Nuke Sections module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...

phpCOIN 1.2 Pages Module - Multiple SQL Injections

phpCOIN 1.2 Pages Module - Multiple SQL Injections source: https://www.securityfocus.com/bid/13433/info PHPCoin is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...

ProjectBB 0.4.5.1 - Multiple SQL Injections

ProjectBB 0.4.5.1 - Multiple SQL Injections source: https://www.securityfocus.com/bid/12710/info ProjectBB is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to the application failing to properly sanitize user-supplied input before using it in SQL queries...