718 matches found
Expinion.net Member Management System 2.1 - resend.asp?ID SQL Injection
Expinion.net Member Management System 2.1 - resend.asp?ID SQL Injection source: https://www.securityfocus.com/bid/9931/info It has been reported that Member Management System may be prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into databas...
Expinion.net Member Management System 2.1 - news_view.asp?ID SQL Injection
Expinion.net Member Management System 2.1 - newsview.asp?ID SQL Injection source: https://www.securityfocus.com/bid/9931/info It has been reported that Member Management System may be prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into...
Mambo Open Source 4.5 - index.php SQL Injection
Mambo Open Source 4.5 - index.php SQL Injection source: https://www.securityfocus.com/bid/9891/info It has been reported that the Mambo 'index.php' script is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. As...
Mambo Open Source 4.5 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/9891/info It has been reported that the Mambo 'index.php' script is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. As a result of this a malicious user may influence...
IP3 Networks IP3 NetAccess Appliance - SQL Injection
IP3 Networks IP3 NetAccess Appliance - SQL Injection source: https://www.securityfocus.com/bid/9858/info The IP3 NetAccess Appliance is reported prone to a remote SQL-injection vulnerability. This issue is due to the application's failure to properly sanitize user input. This issue may allow an...
IP3 Networks IP3 NetAccess Appliance - SQL Injection
source: https://www.securityfocus.com/bid/9858/info The IP3 NetAccess Appliance is reported prone to a remote SQL-injection vulnerability. This issue is due to the application's failure to properly sanitize user input. This issue may allow an attacker to gain full control of the appliance through...
eCommerce Corporation Online Store Kit 3.0 - shop_by_brand.php?cat_manufacturer SQL Injection
eCommerce Corporation Online Store Kit 3.0 - shopbybrand.php?catmanufacturer SQL Injection source: https://www.securityfocus.com/bid/9687/info It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of...
BosDev BosDates 3.x - SQL Injection
BosDev BosDates 3.x - SQL Injection source: https://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify...
YABB SE 1.x - 'SSI.php' ID_MEMBER SQL Injection
source: https://www.securityfocus.com/bid/9449/info A problem with YaBB SE could make it possible for a remote user launch SQL injection attacks. It has been reported that a problem exists in the SSI.php script distributed as part of YaBB SE. Due to insufficient sanitizing of user-supplied URI...
osCommerce 2.2 - 'products_id' SQL Injection
source: https://www.securityfocus.com/bid/9275/info It has been reported that one of the scripts included with osCommerce fails to validate user-supplied input, rendering it vulnerable to a SQL injection attack. It has been reported that an attacker may supply malicious SQL queries as a URI...
Mambo Open Source 4.0.14 Server - SQL Injection
Mambo Open Source 4.0.14 Server - SQL Injection source: https://www.securityfocus.com/bid/9196/info It has bee reported that Mambo Open Source 4.0.14 Server is prone to SQL injection attacks. The problem is said to occur due to insufficient sanitization of data passed to specific index.php...
Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections
Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL...
VieNuke VieBoard 2.6 - SQL Injection
VieNuke VieBoard 2.6 - SQL Injection source: https://www.securityfocus.com/bid/8967/info It has been reported that VieNuke VieBoard may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database...
VieNuke VieBoard 2.6 - SQL Injection
source: https://www.securityfocus.com/bid/8967/info It has been reported that VieNuke VieBoard may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database. A malicious user may influence...
WordPress 'blog.header.php' Multiple Parameter SQL Injection
The version of WordPress running on the remote host is affected by multiple SQL injection vulnerabilities. An attacker can exploit these flaws to execute arbitrary database queries resulting in the disclosure of sensitive information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From...
PT-2002-2753 · Php · Php-Nuke
Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 5.4 and earlier Description: The issue allows remote attackers to gain SQL query information by exploiting debugging features that are not properly restricted. This can be achieved by setting the sql debug parameter in...
IBM Net.Commerce 2.03.x4.x - orderdspc.d2w order_rn Option SQL Injection
IBM Net.Commerce 2.03.x4.x - orderdspc.d2w orderrn Option SQL Injection source: https://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a...
CVE-2000-0325
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability...