1163 matches found
philboard 0.5 - 'W1L3D4_konuoku.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/29229/info Philboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
WordPress Plugin WP Photo Album - 'photo' SQL Injection
source: https://www.securityfocus.com/bid/29148/info The WordPress WP Photo Album WPPA plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
iGaming CMS 1.5 - poll_vote.php SQL Injection
source: https://www.securityfocus.com/bid/29059/info iGaming CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
TLM CMS 1.1 - index.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/29049/info TLM CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
BatmanPorTaL - 'uyeadmin.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/29057/info BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
iGaming CMS 1.5 - 'poll_vote.php' SQL Injection
source: https://www.securityfocus.com/bid/29059/info iGaming CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Alumni 1.0.8/1.0.9 - index.php?year Cross-Site Scripting
source: https://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting...
Zen Cart 2008 - index.php?keyword Cross-Site Scripting
source: https://www.securityfocus.com/bid/29020/info Zen Cart is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these...
Alumni 1.0.8/1.0.9 - 'index.php?year' Cross-Site Scripting
source: https://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
TLM CMS 3.1 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/28837/info TLM CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
CVE-2008-1817
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDOIDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained...
Cezanne 7 - CznCommonCznCustomContainer.asp?FUNID SQL Injection
source: https://www.securityfocus.com/bid/28773/info Cezanne Software is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...
Pragmatic Utopia PU Arcade 2.2 - gid SQL Injection
source: https://www.securityfocus.com/bid/28701/info PU Arcade is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...
Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS
CVE-2008-1630. Webapps exploit for php platform. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied...
Cuteflow Bin 1.5 - pages/showfields.php language Parameter XSS
CVE-2008-1630. Webapps exploit for php platform. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The...
Bomba Haber 2.0 - 'haberoku.php' SQL Injection
source: https://www.securityfocus.com/bid/28435/info Bomba Haber is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Efestech E-Kontor - 'id' SQL Injection
source: https://www.securityfocus.com/bid/28412/info Efestech E-Kontor is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Iatek Knowledge Base - content_by_cat.asp SQL Injection
source: https://www.securityfocus.com/bid/28376/info Iatek Knowledge Base is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allo...
Iatek PortalApp 4.0 - links.asp SQL Injection
source: https://www.securityfocus.com/bid/28315/info PortalApp is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...