1163 matches found
AlamFifa CMS - 'user_name_cookie' SQL Injection
source: https://www.securityfocus.com/bid/55746/info AlamFifa CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
YCommerce - Multiple SQL Injections
source: https://www.securityfocus.com/bid/55653/info YCommerce is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
TAGWORX.CMS - cid SQL Injection
source: https://www.securityfocus.com/bid/55586/info TAGWORX.CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the...
FreeWebshop <= 2.2.9 Multiple SQLi and XSS Vulnerabilities - Active Check
FreeWebshop is prone to multiple SQL injection (SQLi) and cross-site scripting (XSS) vulnerabilities because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by th...
Sciretech (Multiple Products) - Multiple SQL Injections
source: https://www.securityfocus.com/bid/55390/info Sciretech Multimedia Manager and Sciretech File Manager are prone to multiple SQL-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data before using it in a...
Sitemax Maestro - SQL Injection / Local File Inclusion
source: https://www.securityfocus.com/bid/55386/info Sitemax Maestro is prone to SQL-injection and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data,...
1024 CMS 2.1.1 - p SQL Injection
source: https://www.securityfocus.com/bid/55170/info 1024 CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Jara 1.6 - Multiple SQL Injections Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/55145/info Jara is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied...
Banana Dance - Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/55153/info Banana Dance is prone to cross-site-scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an...
Hotel Booking Portal 0.1 - Multiple SQL Injections Cross-Site Scripting
source: https://www.securityfocus.com/bid/54980/info Hotel Booking Portal is prone to multiple SQL-injection vulnerabilities and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied...
YT-Videos Script - 'id' SQL Injection
source: https://www.securityfocus.com/bid/54859/info YT-Videos Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify...
Joomla! Component com_photo - Multiple SQL Injections
source: https://www.securityfocus.com/bid/54814/info The 'comphoto' module for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Open Constructor - datafileedit.php?result Cross-Site Scripting
source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...
Open Constructor - confirm.php?q Cross-Site Scripting
source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to...
Open Constructor - usersusers.php?keyword Cross-Site Scripting
source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...
WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/55062/info The ShopperPress WordPress theme is prone to an SQL-injection and multiple cross-site vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow an attacker to steal cookie-based authentication...
Joomla! Component Odudeprofile 2.8 - profession SQL Injection
source: https://www.securityfocus.com/bid/54677/info Odudeprofile Component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit m...
tekno.Portal 0.1b - 'anket.php' SQL Injection
source: https://www.securityfocus.com/bid/54698/info tekno.Portal is prone to an SQL-injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. tekno.Portal 0.1b is...
phpProfiles - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/54660/info phpProfiles is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute malicious code within the context of the web server...
Event Calender PHP - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/54455/info Event Calender PHP is prone to multiple input validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based authentication credentials, compromise the application, acce...