RunCMS 1.6.1 - (pm.class.php) Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications source: http://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...

Joomla! Component Inneradmission - index.php SQL Injection

Joomla! Component Inneradmission - index.php SQL Injection source: https://www.securityfocus.com/bid/66708/info Inneradmission component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...

GNUBoard 4.3x - ajax.autosave.php Multiple SQL Injections

GNUBoard 4.3x - ajax.autosave.php Multiple SQL Injections source: https://www.securityfocus.com/bid/66228/info GNUboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the...

Debian Security Advisory DSA 2865-1 (postgresql-9.1 - several vulnerabilities)

Various vulnerabilities were discovered in PostgreSQL: CVE-2014-0060 Shore up GRANT ... WITH ADMIN OPTION restrictions Noah Misch Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed...

Command School Student Management System - '/sw/health_allergies.php?id' SQL Injection

source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...

Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation)

source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...

Dredge School Administration System - '/DSM/loader.php?Id' SQL Injection

source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An information-disclosure...

Command School Student Management System - '/sw/admin_relations.php?id' SQL Injection

source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...

Command School Student Management System - swadmin_infraction_codes.php?id SQL Injection

Command School Student Management System - swadmininfractioncodes.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site reques...

Dredge School Administration System - DSMloader.php?Id SQL Injection

Dredge School Administration System - DSMloader.php?Id SQL Injection source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A...

Command School Student Management System - swadmin_relations.php?id SQL Injection

Command School Student Management System - swadminrelations.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request...

Command School Student Management System - swhealth_allergies.php?id SQL Injection

Command School Student Management System - swhealthallergies.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request...

Dredge School Administration System - DSMloader.php Cross-Site Request Forgery (Admin Account Manipulation)

Dredge School Administration System - DSMloader.php Cross-Site Request Forgery Admin Account Manipulation source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site...

Command School Student Management System - swadmin_generations.php?id SQL Injection

Command School Student Management System - swadmingenerations.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request...

Command School Student Management System - swadmin_school_names.php?id SQL Injection

Command School Student Management System - swadminschoolnames.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request...

Command School Student Management System - swadmin_media_codes_1.php?id SQL Injection

Command School Student Management System - swadminmediacodes1.php?id SQL Injection source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request...

Dredge School Administration System - DSMloader.php Account Information Disclosure

Dredge School Administration System - DSMloader.php Account Information Disclosure source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery...

Command School Student Management System - '/sw/admin_sgrades.php?id' SQL Injection

source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...

CMS Afroditi - id SQL Injection

CMS Afroditi - id SQL Injection source: https://www.securityfocus.com/bid/64572/info CMS Afroditi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

iScripts AutoHoster - 'id' Local File Inclusion

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...