1163 matches found
Bitweaver 1.x - fisheyeindex.php?sort_mode SQL Injection
source: https://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...
Bitweaver 1.x - '/fisheye/index.php?sort_mode' SQL Injection
source: https://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials...
Bitweaver 1.x - '/wiki/orphan_pages.php?sort_mode' SQL Injection
source: https://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials...
Omnistar Article Manager - Multiple SQL Injections
source: https://www.securityfocus.com/bid/20990/info Omnistar Article Manager is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
FreeWebShop 2.2 - index.php SQL Injection
source: https://www.securityfocus.com/bid/20887/info FreeWebShop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
FreeWebShop 2.2 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/20887/info FreeWebShop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
PHP-Nuke 7.x Journal Module - 'search.php' SQL Injection
source: https://www.securityfocus.com/bid/20829/info The PHP-Nuke Journal module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Evandor Easy notesManager 0.0.1 - Search Page SQL Injection
source: https://www.securityfocus.com/bid/20803/info Easy notesManager is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or...
Casinosoft Casino Script 3.2 - config.php SQL Injection
source: https://www.securityfocus.com/bid/20646/info Casinosoft Casino Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
Casinosoft Casino Script 3.2 - 'config.php' SQL Injection
source: https://www.securityfocus.com/bid/20646/info Casinosoft Casino Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, acces...
CubeCart 3.0.x - footer.inc.php?la_pow_by Cross-Site Scripting
source: https://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to...
CubeCart 3.0.x - 'view_doc.php?view_doc' SQL Injection
source: https://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of...
CubeCart 3.0.x - '/admin/print_order.php?order_id' SQL Injection
source: https://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of...
Jupiter CMS 1.1.4/1.1.5 - modulessearch.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/20048/info Jupiter CMS is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, becaus...
Jupiter CMS 1.1.4/1.1.5 - modulesregister Multiple SQL Injections
source: https://www.securityfocus.com/bid/20048/info Jupiter CMS is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails ...
Jupiter CMS 1.1.4/1.1.5 - '/modules/mass-email.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/20048/info Jupiter CMS is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input. A successful exploit of these...
Jupiter CMS 1.1.4/1.1.5 - 'galleryuploadfunction.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/20048/info Jupiter CMS is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input. A successful exploit of these...
Uni-vert PHPLeague 0.82 - Joueurs.php SQL Injection
source: https://www.securityfocus.com/bid/19880/info Uni-vert PhpLeague is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. This issue may allow an attacker to compromise the application, acce...
Autentificator 2.01 - Aut_Verifica.Inc.php SQL Injection
source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
VWar 1.x - war.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied...