1163 matches found
UBBCentral UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection
source: https://www.securityfocus.com/bid/31074/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Full PHP Emlak Script - 'landsee.php' SQL Injection
source: https://www.securityfocus.com/bid/30962/info Full PHP Emlak Script is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities...
One-News - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/30804/info One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data. Exploiting...
Simasy CMS - id SQL Injection
source: https://www.securityfocus.com/bid/30774/info Simasy CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Scripts4Profit DXShopCart 4.30 - pid SQL Injection
source: https://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
Simasy CMS - 'id' SQL Injection
source: https://www.securityfocus.com/bid/30774/info Simasy CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
PromoProducts - 'view_product.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/30725/info PromoProducts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access...
Links Pile - link.php SQL Injection
source: https://www.securityfocus.com/bid/29223/info Links Pile is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
PHP Realty - 'dpage.php' SQL Injection
source: https://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Kayako SupportSuite 3.x - 'index.php?filter' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30642/info Kayako SupportSuite is prone to multiple input-validation vulnerabilities, including an SQL-injection issue, multiple cross-site scripting issues, and an HTML-injection issue. The vulnerabilities occur because the application fails to...
DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/30447/info DEV Web Management System is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include local...
Greatclone GC Auction Platinum - category.php SQL Injection
source: https://www.securityfocus.com/bid/30389/info GC Auction Platinum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
Greatclone GC Auction Platinum - 'category.php' SQL Injection
source: https://www.securityfocus.com/bid/30389/info GC Auction Platinum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Pre Survey Generator - 'default.asp' SQL Injection
source: https://www.securityfocus.com/bid/30349/info Pre Survey Generator is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...
EasyPublish 3.0 - read Multiple SQL Injections Cross-Site Scripting
source: https://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site...
EasyE-Cards 3.10 - SQL Injection Cross-Site Scripting
source: https://www.securityfocus.com/bid/30328/info EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize...
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/30328/info EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...
Zoph 0.7.2.1 - SQL Injection
source: https://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...
Zoph 0.7.2.1 - search.php?_off Cross-Site Scripting
source: https://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credential...
The Rat CMS - viewarticle2.php?id Cross-Site Scripting
source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied...