EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.
--Security Report-- Advisory: EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 29/03/06 21:33 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: EzASPSite...
DbbS 2.0 - Topics.php SQL Injection
source: https://www.securityfocus.com/bid/17338/info DbbS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
RedCMS 0.1 - login.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injecti...
SoftBiz Image Gallery - template.php?provided SQL Injection
source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it ...
DbbS 2.0 - 'Topics.php' SQL Injection
source: https://www.securityfocus.com/bid/17338/info DbbS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
SoftBiz Image Gallery - 'insert_rating.php?img_id' SQL Injection
source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
SoftBiz Image Gallery - 'template.php?provided' SQL Injection
source: https://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection
source: https://www.securityfocus.com/bid/17324/info Oxygen is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
PhxContacts 0.93 - carnet.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query....
PhxContacts 0.93 - 'carnet.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
mysql -- database suid privilege escalation
Dmitri Lenev reports a privilege escalation in MySQL. MySQL evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote and local authenticated users to gain privileges through a routine that has been made available...
OneOrZero 1.6.3 Helpdesk - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/17298/info OneOrZero Helpdesk is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...
AkoComment SQL injection vulnerability
AkoComment is a well known and widely used add-on for the Mambo and Joomla Content Management Systems. It allows users to post comments to articles. AkoComment 2.0 suffers from an SQL injection vulnerability components/comakocomment/akocomment.php: Clear any HTML and SQL injections $title =...
SaPHPLesson 2.0 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
MantisBT < 1.0.0rc2 Multiple Vulnerabilities
MantisBT is prone to multiple vulnerabilities. Copyright (C) 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
DeluxeBB Multiple SQL injection flaws
The remote host is using DeluxeBB, a web application forum written in PHP. Multiple vulnerabilities exist in this version which may allow an attacker to execute arbitrary SQL queries against the database. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a...
phpWebSite 0.8.2/0.8.3 - 'friend.php?sid' SQL Injection
source: https://www.securityfocus.com/bid/17150/info phpWebSite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to...
CVE-2006-1285
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite SGSS 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information...
MusicBox 2.3 - cart.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
MusicBox 2.3 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...