1163 matches found
Powie pFile 1.02 - pfilefile.php?id SQL Injection
source: https://www.securityfocus.com/bid/51982/info pfile is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Exploiting these issues could allow an attack...
Dolibarr ERPCRM 3.x - adherentsfiche.php SQL Injection
source: https://www.securityfocus.com/bid/51956/info Dolibarr is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
4Images 1.7.10 - '/admin/categories.php?cat_parent_id' SQL Injection
source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...
4Images 1.7.10 - '/admin/categories.php?cat_parent_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...
4Images 1.7.10 - '/admin/categories.php?cat_parent_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection vulnerability. An attacker may leverage these issues to perform spoofing...
Joomla! Component com_products - Multiple SQL Injections
source: https://www.securityfocus.com/bid/51674/info The 'com_products' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
OSClass 2.3.3 - 'index.php?sCategory' SQL Injection
source: https://www.securityfocus.com/bid/51662/info OSClass is prone to SQL-injection and cross-site scripting vulnerabilities. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit...
Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/51617/info The 'comsanpham' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromis...
Joomla! Component com_car - Multiple SQL Injections
source: https://www.securityfocus.com/bid/51620/info The 'com_car' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise th...
Snitz Forums 2000 - 'TOPIC_ID' SQL Injection
source: https://www.securityfocus.com/bid/51596/info Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modi...
PostNuke pnAddressbook Module - id SQL Injection
source: https://www.securityfocus.com/bid/51566/info The pnAddressbook module for PostNuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issu...
Freelance Zone - 'show_code.php' SQL Injection
source: https://www.securityfocus.com/bid/51533/info Freelance Zone is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modif...
MMORPG Zone - 'view_news.php' SQL Injection
source: https://www.securityfocus.com/bid/51532/info MMORPG Zone is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Contus Job Portal - Category SQL Injection
source: https://www.securityfocus.com/bid/51404/info Contus Job Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to...
Clipbucket 2.6 - view_item.php?type Cross-Site Scripting
source: https://www.securityfocus.com/bid/51321/info ClipBucket is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting the...
Video Community Portal - 'userID' SQL Injection
source: https://www.securityfocus.com/bid/51108/info Video Community Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...
Flirt-Projekt 4.8 - 'rub' SQL Injection
source: https://www.securityfocus.com/bid/51106/info Flirt-Projekt is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
BrowserCRM 5.100.1 - contact_id SQL Injection
source: https://www.securityfocus.com/bid/51060/info Browser CRM is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these...
OrangeHRM 2.6.11 - 'lib/controllers/CentralController.php' URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/50857/info OrangeHRM is prone to an SQL-injection and multiple cross-site scripting vulnerabilities. Exploiting these vulnerabilities could allow an attacker to steal...
OrangeHRM 2.6.11 - 'lib/controllers/CentralController.php' URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/50857/info OrangeHRM is prone to an SQL-injection and multiple cross-site scripting vulnerabilities. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify...