328 matches found
Woltlab Burning Board 1.2/2.0/2.3 - 'newthread.php?boardid' SQL Injection
source: https://www.securityfocus.com/bid/18597/info WoltLab Burning Board is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied data before using it in an SQL query. A successful exploit could allow an attacker...
V3 Chat Instant Messenger - expire.php?cust_name Cross-Site Scripting
source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitiz...
V3 Chat Instant Messenger - 'online.php?site_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
vCard PRO - search.php?event_id SQL Injection
source: https://www.securityfocus.com/bid/18699/info VCard PRO is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successfu...
vCard PRO - create.php?card_id SQL Injection
source: https://www.securityfocus.com/bid/18699/info VCard PRO is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful...
Woltlab Burning Board 2.x - Multiple SQL Injections
source: https://www.securityfocus.com/bid/18423/info Woltlab Burning Board is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful...
Kmita FAQ 1.0 - 'search.php?q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
Alex DownloadEngine 1.4.1 - comments.php SQL Injection
source: https://www.securityfocus.com/bid/18293/info DownloadEngine is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
Kmita FAQ 1.0 - search.php?q Cross-Site Scripting
source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application t...
JemWeb DownloadControl 1.0 - 'DC.php' SQL Injection
source: https://www.securityfocus.com/bid/18041/info DownloadControl is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise t...
Ocean12 Technologies Calendar Manager Pro 1.0 1 - '/admin/main.asp?date' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...
Creative Software UK Community Portal 1.1 - DiscReply.php?mid SQL Injection
source: https://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...
Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminmain.asp?date SQL Injection
source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issu...
Ocean12 Technologies Calendar Manager Pro 1.0 1 - '/admin/edit.asp?ID' SQL Injection
source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...
Creative Software UK Community Portal 1.1 - 'ArticleView.php?article_id' SQL Injection
source: https://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an...
Blog 0.2.30.2.4 Mod - Weblog_posting.php SQL Injection
source: https://www.securityfocus.com/bid/17744/info Blog Mod is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...
DUclassified - 'detail.asp' SQL Injection
source: https://www.securityfocus.com/bid/17722/info DUclassified is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
source: https://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits could allow an attacker to compromis...
MKPortal 1.1 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/17651/info MKPortal is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the...
MKPortal 1.1 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/17651/info MKPortal is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...