1163 matches found
iScripts AutoHoster - 'fname' Local File Inclusion
source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...
iScripts AutoHoster - main_smtp.php Traversal
iScripts AutoHoster - mainsmtp.php Traversal source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the...
Osclass - Multiple Input Validation Vulnerabilities
Osclass - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/64386/info Osclass is prone to the following input-validation vulnerabilities: 1. A cross-site request-forgery vulnerability 2. Multiple directory-traversal vulnerabilities 3. An SQL-injection...
Osclass - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/64386/info Osclass is prone to the following input-validation vulnerabilities: 1. A cross-site request-forgery vulnerability 2. Multiple directory-traversal vulnerabilities 3. An SQL-injection vulnerability Exploiting these issues may allow a remote...
NeoBill - '/install/include/solidstate.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/64112/info NeoBill is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent...
Enorth Webpublisher CMS - thisday SQL Injection
Enorth Webpublisher CMS - thisday SQL Injection source: https://www.securityfocus.com/bid/64110/info Enorth Webpublisher is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit will allow an attacker to compromise the...
Course Registration Management System - Cross-Site Scripting SQL Injection
Course Registration Management System - Cross-Site Scripting SQL Injection source: https://www.securityfocus.com/bid/63435/info Course Registration Management System is prone to multiple cross-site scripting and multiple SQL-injection vulnerabilities because it fails to properly sanitize...
FreeSMS - '/pages/crc_handler.php?scheduleid' SQL Injection
source: https://www.securityfocus.com/bid/63004/info FreeSMS is prone to multiple cross-site scripting vulnerabilities and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute arbitrary code in the context of the...
WordPress Plugin mukioplayer4wp - cid SQL Injection
WordPress Plugin mukioplayer4wp - cid SQL Injection source: https://www.securityfocus.com/bid/62438/info mukioplayer4wp for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
Zoom Telephonics (Multiple Devices) - Multiple Vulnerabilities
Zoom Telephonics Multiple Devices - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/61044/info Multiple Zoom Telephonics devices are prone to an information-disclosure vulnerability, multiple authentication bypass vulnerabilities and an SQL-injection vulnerability. Exploiting...
WordPress Plugin WP Feed - nid SQL Injection
WordPress Plugin WP Feed - nid SQL Injection source: https://www.securityfocus.com/bid/60904/info WP Feed plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...
Matterdaddy Market - Multiple Vulnerabilities
Matterdaddy Market - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/60150/info Matterdaddy Market is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary...
Matterdaddy Market - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/60150/info Matterdaddy Market is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script code, upload arbitrary files, steal...
Todoo Forum 2.0 - 'todooforum.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/59069/info Todoo Forum is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or...
Todoo Forum 2.0 - todooforum.php Multiple SQL Injections
Todoo Forum 2.0 - todooforum.php Multiple SQL Injections source: https://www.securityfocus.com/bid/59069/info Todoo Forum is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,...
Request Tracker - ShowPending SQL Injection
Request Tracker - ShowPending SQL Injection source: https://www.securityfocus.com/bid/59022/info Request Tracker is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker ...
Hero Framework - '/users/login?Username' Cross-Site Scripting
source: https://www.securityfocus.com/bid/59041/info Hero is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
Hero Framework - usersforgot_password?error Cross-Site Scripting
Hero Framework - usersforgotpassword?error Cross-Site Scripting source: https://www.securityfocus.com/bid/59041/info Hero is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to ste...
Hero Framework - '/users/forgot_password?error' Cross-Site Scripting
source: https://www.securityfocus.com/bid/59041/info Hero is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/58911/info PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit laten...