328 matches found
aWebNews 1.2 - visview.php?_GET[cid] SQL Injection
source: https://www.securityfocus.com/bid/17352/info aWebBB is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
SoftBiz Image Gallery - 'mage_desc.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
SoftBiz Image Gallery - 'suggest_image.php?cid' SQL Injection
source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
O2PHP Oxygen 1.01.1 - post.php SQL Injection
source: https://www.securityfocus.com/bid/17324/info Oxygen is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
PhxContacts 0.93 - contact_view.php?id_contact SQL Injection
source: https://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL...
OneOrZero 1.6.3 Helpdesk - index.php SQL Injection
source: https://www.securityfocus.com/bid/17298/info OneOrZero Helpdesk is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
Nuked-klaN 1.x - index.php SQL Injection
source: https://www.securityfocus.com/bid/17233/info Nuked-Klan is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
Pixel Motion - 'index.php?date' SQL Injection
source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
DSLogin 1.0 - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/17262/info DSLogin is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...
1WebCalendar 4.0 - newsnewsView.cfm?NewsID SQL Injection
source: https://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
MusicBox 2.3 - index.php SQL Injection
source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
Oxynews - index.php SQL Injection
source: https://www.securityfocus.com/bid/17132/info Oxynews is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...
Invision Power Board 2.1.5 - showtopic SQL Injection
source: https://www.securityfocus.com/bid/16971/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
Invision Power Board 2.1.5 - showtopic SQL Injection
source: https://www.securityfocus.com/bid/16971/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
sNews - index.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/16647/info sNews is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL...
HiveMail 1.2.21.3 - index.php $_SERVER[PHP_SELF] Cross-Site Scripting
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP...
Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection
source: https://www.securityfocus.com/bid/16544/info Whomp! Real Estate Manager is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker t...
SZUserMgnt 1.4 - Username SQL Injection
SZUserMgnt 1.4 - Username SQL Injection source: https://www.securityfocus.com/bid/16454/info SZUserMgnt is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
UBBCentral UBB.Threads 6.3 - 'showflat.php' SQL Injection
source: https://www.securityfocus.com/bid/16520/info UBB.Threads is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise th...