INFINICART - browse_group.asp?groupid SQL Injection
source: https://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...
Bitweaver 1.x - fisheyelist_galleries.php?sort_mode SQL Injection
source: https://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection
source: https://www.securityfocus.com/bid/20988/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple HTML-injection issues and multiple SQL-injection issues. A successful...
Web Wiz Forum 6.34/7.x - 'search.asp' SQL Injection
source: https://www.securityfocus.com/bid/20778/info Web Wiz Forum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...
Yener Haber Script 1.0/2.0 - SQL Injection
source: https://www.securityfocus.com/bid/20333/info Yener Haber Script is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...
ECardPro 2.0 - search.asp SQL Injection
source: https://www.securityfocus.com/bid/20080/info ECardPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting
source: https://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application...
Jupiter CMS 1.1.41.1.5 - galleryuploadfunction.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/20048/info Jupiter CMS is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the applicatio...
Autentificator 2.01 - 'Aut_Verifica.Inc.php' SQL Injection
source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access...
CLUB Nuke 2.0 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/19442/info CLUB-Nuke is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
phpBB-Auction 1.x - auction_room.php?ar SQL Injection
source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities...
LinksCaffe 3.0 - links.php?newdays Cross-Site Scripting
source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the...
LinksCaffe 3.0 - 'links.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successf...
PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection
source: https://www.securityfocus.com/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize...
LinksCaffe 2.0/3.0 - Authentication Bypass
source: https://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by knowing the script's name and location...
Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability 1
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/18984/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize...
SaPHPLesson 2.0 - add.php SQL Injection
source: https://www.securityfocus.com/bid/18934/info SaPHPLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
SaPHPLesson 2.0 - 'add.php' SQL Injection
source: https://www.securityfocus.com/bid/18934/info SaPHPLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
newsPHP 2006 PRO - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
OpenGuestbook 0.5 - view.php?offset SQL Injection
source: https://www.securityfocus.com/bid/18666/info OpenGuestbook is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied...