1163 matches found
XOOPS 'badliege' Module - 'id' SQL Injection
source: https://www.securityfocus.com/bid/27892/info The XOOPS 'badliege' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Joomla! / Mambo Component com_formtool - 'catid' SQL Injection
source: https://www.securityfocus.com/bid/27884/info The Joomla! and Mambo 'com_formtool' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...
Facile Forms 1.x - 'catid' SQL Injection
source: https://www.securityfocus.com/bid/27880/info Facile Forms is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
XOOPS events Module - id SQL Injection
source: https://www.securityfocus.com/bid/27890/info The XOOPS 'events' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
Yellow Swordfish Simple Forum 1.x - sf-profile.php SQL Injection
source: https://www.securityfocus.com/bid/27854/info Simple Forum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
Joomla! Mambo Component Filebase - filecatid SQL Injection
source: https://www.securityfocus.com/bid/27829/info The Joomla! and Mambo 'comfilebase' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Yellow Swordfish Simple Forum 1.71.9 - index.php SQL Injection
source: https://www.securityfocus.com/bid/27824/info Simple Forum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...
Dokeos 1.8.4 - maincalendarmyagenda.php?courseCode Cross-Site Scripting
source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one...
Dokeos 1.8.4 - '/main/admin/session_list.php?cmessage' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...
Dokeos 1.8.4 - 'whoisonline.php?id' SQL Injection
source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...
Yellow Swordfish Simple Forum 1.x - 'topic' SQL Injection
source: https://www.securityfocus.com/bid/27825/info Simple Forum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Dokeos 1.8.4 - mainmySpaceindex.php?tracking_list_coaches_column SQL Injection
source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one...
Site2Nite Real Estate Web - agentlist.asp Multiple SQL Injections
source: https://www.securityfocus.com/bid/27779/info Site2Nite Real Estate Web is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Cacti 0.8.7 - graph_view.php?filter Cross-Site Scripting
source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...
Cacti 0.8.7 - graph_view.php?graph_list SQL Injection
source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...
okul siteleri 'com_mezun' Component - SQL Injection
source: https://www.securityfocus.com/bid/27755/info 'okul siteleri' is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...
Counter Strike Portals - 'download' SQL Injection
source: https://www.securityfocus.com/bid/27747/info Counter Strike Portals is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...
Rapid-Source Rapid-Recipe Component - Multiple SQL Injections
source: https://www.securityfocus.com/bid/27724/info Rapid-Recipe is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...
ITechClassifieds - viewcat.php?CatID Cross-Site Scripting
source: https://www.securityfocus.com/bid/27574/info iTechClassifieds is prone to an input-validation vulnerability that may be exploited as a cross-site scripting issue or an SQL-injection issue. This issue occurs because the application...
Pre Hotel and Resorts - user_login.asp Multiple SQL Injection Vulnerabilities
source: https://www.securityfocus.com/bid/27450/info Pre Hotel and Resorts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...