1163 matches found
ManageEngine Password Manager Pro / ManageEngine IT360 - SQL Injection
source: https://www.securityfocus.com/bid/69303/info ManageEngine Password Manager Pro and ManageEngine IT360 are prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
WordPress Daily Edition Theme <= 1.6.2 - SQL Injection
This theme is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the theme...
Fonality trixbox - asterisk_info.php Directory Traversal
Fonality trixbox - asteriskinfo.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...
Fonality trixbox - index.php Directory Traversal
Fonality trixbox - index.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...
Fonality trixbox - endpoint_generic.php SQL Injection
Fonality trixbox - endpointgeneric.php SQL Injection source: https://www.securityfocus.com/bid/68720/info Trixbox is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site scripting vulnerability 3. Multiple local file-include vulnerabilities 4. A remot...
Fonality trixbox - repo.php Directory Traversal
Fonality trixbox - repo.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...
Fonality trixbox - endpointcfg.php Directory Traversal
Fonality trixbox - endpointcfg.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...
OL-Commerce - '/OL-Commerce/affiliate_show_banner.php?affiliate_banner_id' SQL Injection
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
OL-Commerce - '/OL-Commerce/admin/create_account.php?entry_country_id' SQL Injection
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
Archimede Net 2000 'E-Guest_show.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27563/info Archimede Net 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
DRZES HMS 3.2 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15644/info DRZES HMS is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before it is used in SQL queries. Successful exploitation could result ...
Phorum 5.1.20 include/controlcenter/users.php Multiple Method Remote Privilege Escalation
No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...
Clever Copy 3.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27335/info Clever Copy is prone to multiple input-validation vulnerabilities, including two SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting...
Phorum 5.1.20 pm.php Recipient Name SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...
ClassSystem 2.0/2.3 - MessageReply.php teacher_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...
PHPBB 2.0.13 DLMan Pro Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13028/info The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...
dotnetindex Professional Download Assistant 0.1 SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32706/info Professional Download Assistant is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
phpBB2 Plus 1.53 'kb.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38828/info phpBB2 Plus is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...
JiRo's Banner System 2.0 Login.ASP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26479/info JiRo's Banner System is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...