PhotoPost PHP 3.3.1 'cat' Parameter Cross Site Scripting and SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/35996/info PhotoPost PHP is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

Koobi Pro 5.6 showtopic Module toid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/18970/info Koobi Pro prone to a cross-site scripting issue and an SQL-injection issue because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could allow an...

Inventory Manager Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21069/info Inventory Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Successf...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

Mega Mall product_review.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

TikiWiki Versions Prior to 4.2 Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38608/info TikiWiki is prone to multiple vulnerabilities, including: - An SQL-injection vulnerability - An unspecified authentication-bypass vulnerability - An unspecified vulnerability Exploiting these issues could allow...

UBB.threads 7.3.1 'Forum[]' Array SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31074/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

xFlow 5.46.11 index.cgi Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17614/info xFlow is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

Xt-News 0.1 show_news.php id_news Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

MaxWebPortal 1.3 dl_toprated.asp SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

Bitweaver 1.1.1 view_post.php post_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

NuclearBB Alpha 1 Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23555/info NuclearBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

EasyPublish 3.0 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities...

ASP Forum Script messages.asp message_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/32571/info ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Bitweaver 1.1.1 message_box.php sort_mode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

vwdev Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16547/info The vwdev application is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation can allow an attacker to...

Fullaspsite ASP Hosting Site listmain.asp cat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/22545/info Fullaspsite Shop is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

Entergal MX 2.0 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15631/info Entergal MX is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

AbleDating 2.4 - search_results.php keyword Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and a cross-site scripting...

PHP-Nuke Sell Module - 'cid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27980/info The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...