Kayako SupportSuite 3.x staff/index.php customfieldlinkid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/30642/info Kayako SupportSuite is prone to multiple input-validation vulnerabilities, including an SQL-injection issue, multiple cross-site scripting issues, and an HTML-injection issue. The vulnerabilities occur because...

ArabPortal 2.0.1 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17375/info ArabPortal is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...

BTGrup Admin WebController SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15819/info BTGrup Admin WebController is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result i...

Neuron News 1.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting...

Joomla! and Mambo com_iomezun Component - 'id' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27748/info The Joomla! and Mambo 'comiomezun' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

PHCDownload 1.1 - admin/index.php hash Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/28922/info PHCDownload is prone to an SQL-injection and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

fipsShop Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21289/info fipsShop is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

Cacti <= 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting...

Click Gallery Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21311/info Click Gallery is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data...

DUportal Pro 3.4 result.asp Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...

Cartweaver 2.16.11 Results.cfm category Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits...

PHP Realty 'dpage.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

DeluxeBB 1.0 forums.php fid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...

Cartweaver 2.16.11 Details.cfm ProdID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits...

The Rat CMS viewarticle.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

DeluxeBB 1.0 pm.php uid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...

Fantastic News 2.1.1 - SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16842/info Fantastic News is prone to an SQL-injection vulnerability. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying...

phpBB Chart Mod 1.1 charts.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17952/info Chart Mod is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...

DUportal 3.1.2 type.asp iCat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful...

PHPX 3.5.15/3.5.16 gallery.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...