Gnews Publisher - Multiple SQL Injections

source: https://www.securityfocus.com/bid/21194/info Gnews Publisher is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, acce...

ActiveNews Manager - query Cross-Site Scripting

ActiveNews Manager - query Cross-Site Scripting source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...

ActiveNews Manager - articleId SQL Injection (1)

ActiveNews Manager - articleId SQL Injection 1 source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...

Link CMS - navigacija.php?IDMeniGlavni SQL Injection

Link CMS - navigacija.php?IDMeniGlavni SQL Injection source: https://www.securityfocus.com/bid/21464/info Link CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data...

ActiveNews Manager - articleId SQL Injection (2)

ActiveNews Manager - articleId SQL Injection 2 source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...

Link CMS - 'prikazInformacije.php?IDStranicaPodaci' SQL Injection

source: https://www.securityfocus.com/bid/21464/info Link CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

ASPCart 4.5 - Multiple SQL Injections

ASPCart 4.5 - Multiple SQL Injections source: https://www.securityfocus.com/bid/21152/info ASPCart is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

BestWebApp Dating Site - 'login_form.asp?msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21158/info BestWebApp Dating Site is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to stea...

ASPCart 4.5 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/21152/info ASPCart is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...

Xtreme ASP Photo Gallery 2.0 - displaypic.asp?sortorder SQL Injection

Xtreme ASP Photo Gallery 2.0 - displaypic.asp?sortorder SQL Injection source: https://www.securityfocus.com/bid/21138/info Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because th...

Xtreme ASP Photo Gallery 2.0 - 'displaypic.asp?catname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21138/info Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because the application fails to properly sanitize user-supplied input. Successf...

Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injections

Dragon Internet Events Listing 2.0.01 - adminlogin.asp Multiple Field SQL Injections source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it ...

Pilot Cart 7.2 - Pilot.asp SQL Injection

Pilot Cart 7.2 - Pilot.asp SQL Injection source: https://www.securityfocus.com/bid/21065/info Pilot Cart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker ...

Car Site Manager - csmaspdetail.asp?p SQL Injection

Car Site Manager - csmaspdetail.asp?p SQL Injection source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow a...

DMXReady Site Engine Manager 1.0 - index.asp SQL Injection

DMXReady Site Engine Manager 1.0 - index.asp SQL Injection source: https://www.securityfocus.com/bid/21064/info DMXReady Site Engine Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this iss...

Inventory Manager - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/21069/info Inventory Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Successful exploits of these vulnerabiliti...

Car Site Manager - '/csm/asp/detail.asp?p' SQL Injection

source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

MGinternet Property Site Manager - 'listings.asp?s' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issu...

MGinternet Property Site Manager - 'listings.asp' Multiple SQL Injections

source: https://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issu...

INFINICART - browsesubcat.asp Multiple SQL Injections

INFINICART - browsesubcat.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...