PHPMySpace Gold 8.0 'gid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37881/info PHPMySpace Gold is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

VWar 1.x war.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...

PostNuke 0.6x/0.7x NS-Languages Module language Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to...

Visuplay CMS Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33209/info Visuplay CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28197/info The NukeC30 module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

Noah's Classifieds 1.0/1.3 Search Page SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16773/info Noah's Classifieds is prone to an SQL-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to...

Absolute News Manager .NET 5.1 pages/default.aspx template Variable Remote File Access

No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...

PunBB 1.x SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20786/info PunBB is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to execute arbitrary script code in the context of...

Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...

Dark Age CMS 2.0 'login.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33271/info Dark Age CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

VEGO Links Builder 2.0 Login Script SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16108/info VEGO Links Builder is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...

V3 Chat Instant Messenger - mail/index.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

V3 Chat Instant Messenger - mail/reply.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

The Classified Ad System 3.0 default.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21198/info The Classified Ad System is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data...

OpenX 2.6.1 SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37913/info OpenX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Klf-Realty 2.0 detail.asp property_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21199/info Klf-Realty is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

PluggedOut Blog 1.9.x Index.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15746/info PluggedOut Blog is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

Rapid Classified 3.1 reply.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

Active Bids search.asp search Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allow...

Evandor Easy notesManager 0.0.1 Search Page SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20803/info Easy notesManager is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to...