PGAUTOPro - SQL Injection / Cross-Site Scripting (2)
source: https://www.securityfocus.com/bid/40664/info PG Auto Pro is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based...
osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection
source: https://www.securityfocus.com/bid/40425/info osCommerce Visitor Web Stats is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Lisk CMS 4.4 - 'id' Multiple Cross-Site Scripting / SQL Injections
source: https://www.securityfocus.com/bid/40314/info Lisk CMS is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how...
Family Connections 2.2.3 Multiple SQL Injection Vulnerabilities
Family Connections is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabiliti...
Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/40058/info Affiliate Store Builder is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the...
SmartBlog 1.3 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/39756/info SmartBlog is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based...
Oracle E-Business Suite Financials 12 - 'jtfwcpnt.jsp' SQL Injection
source: https://www.securityfocus.com/bid/39510/info Oracle E-Business Suite Financials is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Blog System 1.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include,...
HuronCMS - index.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/39685/info HuronCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attack...
RepairShop2 - index.php?Prod Cross-Site Scripting
source: https://www.securityfocus.com/bid/38907/info RepairShop 2 is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials...
4x CMS - 'login.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/39840/info 4xcms is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modi...
Joomla! Component HD FLV Player - 'id' SQL Injection
source: https://www.securityfocus.com/bid/38401/info The HD FLV Player component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Joomla! Component com_recipe - Multiple SQL Injections
source: https://www.securityfocus.com/bid/38336/info The 'com_recipe' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise...
CommodityRentals CD Rental Software - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/38184/info CommodityRentals CD Rental Software is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
eZoneScripts Apartment Search Script 'listtest.php' SQL Injection Vulnerability
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/39905/info eZoneScripts Apartment Search Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize...
Zen Time Tracking 2.2 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/38153/info Zen Time Tracking is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could all...
evalSMSI 2.1.3 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/38116/info evalSMSI is prone to multiple vulnerabilities, including an authentication-bypass issue, an SQL-Injection issue, and an HTML-Injection issue. Attackers can exploit these issues to gain...