V3 Chat Instant Messenger - 'profileview.php?membername' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

V3 Chat Instant Messenger - 'profile.php?site_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

V3 Chat Instant Messenger - '/mail/index.php?id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

SaphpLesson 1.12.03.0 - Multiple SQL Injections

SaphpLesson 1.12.03.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/18501/info The saphplesson module is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploi...

Cline Communications - Multiple SQL Injections

source: https://www.securityfocus.com/bid/18491/info Cline Communications is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker ...

PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/18319/info PostNuke is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection vulnerabilities, because the application fails to properly sanitize user-supplied input. A successful exploit of these...

Kmita FAQ 1.0 - index.php?catid SQL Injection

Kmita FAQ 1.0 - index.php?catid SQL Injection source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...

LocazoList Classifieds 1.0 - 'Viewmsg.asp' SQL Injection

source: https://www.securityfocus.com/bid/18254/info LocazoList Classifieds is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Abarcar Realty Portal 5.1.5 - 'content.php' SQL Injection

source: https://www.securityfocus.com/bid/18218/info Abarcar Realty Portal is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

PHP Script Tools PSY Auction - item.php?id SQL Injection

PHP Script Tools PSY Auction - item.php?id SQL Injection source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the applicatio...

PHP Script Tools PSY Auction - 'email_request.php?user_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...

Geeklog 1.4 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/18154/info Geeklog is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A successfu...

phpBB Chart Mod 1.1 - 'charts.php?id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17952/info Chart Mod is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...

Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminedit.asp?ID SQL Injection

Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminedit.asp?ID SQL Injection source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues...

Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminview.asp?searchFor SQL Injection

Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminview.asp?searchFor SQL Injection source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These...

Ocean12 Technologies Calendar Manager Pro 1.0 1 - '/admin/view.asp?searchFor' SQL Injection

source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

Ocean12 Technologies Calendar Manager Pro 1.0 1 - '/admin/main.asp?date' SQL Injection

source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

EvoTopsite 2.0 - 'index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/17893/info evoTopsite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploits could allow an attacker to compromi...

Blog 0.2.3/0.2.4 Mod - 'Weblog_posting.php' SQL Injection

source: https://www.securityfocus.com/bid/17744/info Blog Mod is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...

xFlow 5.46.11 - index.cgi Multiple SQL Injections

xFlow 5.46.11 - index.cgi Multiple SQL Injections source: https://www.securityfocus.com/bid/17614/info xFlow is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...