759 matches found
WEBJump! Multiple SQL Injection Vulnerabilities
WEBJump! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Bugs Online <= 2.14 SQLi Vulnerability - Active Check
Bugs Online is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
ProQuiz 'Username' and 'Password' Parameters SQL Injection Vulnerability
ProQuiz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective rig...
TinX CMS 'rss.php' SQL Injection Vulnerability
TinX CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...
TinX CMS < 3.5.1 SQLi Vulnerability - Active Check
TinX CMS is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respecti...
nForum Multiple SQLi Vulnerabilities (Mar 2009) - Active Check
nForum is prone to multiple SQL injection (SQLi) vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
A4Desk Event Calendar SQLi Vulnerability (Mar 2009) - Active Check
A4Desk Event Calendar is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...
Trojan exploiting Excel zero-day flaw
Reports have been circulating in the last couple of days about an unpatched vulnerability in Microsoft Excel, and the software giant has now confirmed the problem. The flaw allows attackers to run code on remote machines if they can entice a user into opening a malicious Excel file. Some security...
Teamspeak Server -- Directory Traversal Vulnerability
SecurityFocus reports: TeamSpeak is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks...
Easyedit CMS - 'news.php?intPageID' SQL Injection
source: https://www.securityfocus.com/bid/32369/info Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/31883/info Osprey is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and the underlying computer; other attac...
Atomic Photo Album 1.1.0pre4 Blind SQL Injection Exploit
No description provided by source. <?php ini_set("max_execution_time",0); print_r(' Atomic Photo Album 1.1.0pre4 - Blind SQL Injection Exploit Vulnerability discovered by: Stack Exploit coded by: Stack Greetz to: All My Freind Dork: intext:"Powered by Atomic Photo Album 1.1.0pre4" Admin Panel: Target/apa...
Mass Downloader - Malformed Executable Denial of Service
Mass Downloader - Malformed Executable Denial of Service // source: https://www.securityfocus.com/bid/31406/info Mass Downloader is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to crash the application and trigger denial-of-service conditions,...
MapCal 0.1 - 'id' SQL Injection
source: https://www.securityfocus.com/bid/31304/info MapCal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, ...
Failed assertion in the Unreal engine
Luigi Auriemma Application: Unreal engine http://www.unrealtechnology.com Versions: the games which have been tested and resulted vulnerable are Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow Ops and possibly others. instead those which...
QuicO - 'photo.php' SQL Injection
source: https://www.securityfocus.com/bid/31154/info QuicO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, o...
Postfix 2.6-20080814 - 'symlink' Local Privilege Escalation
#!/bin/sh "rspocfix.sh" PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use "postconf mail_spool_directory" to obtain this user=root target=/etc/passwd...
WinGate IMAP Server Buffer Overflow Vulnerability
This host is running Qbik WinGate, which is prone to a denial-of-service vulnerability. OpenVAS Vulnerability Test $Id: secpodwingateimapdosvuln900201.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: WinGate IMAP Server Buffer Overflow Vulnerability Authors: Veerendra GG Copyright: Copyright (C) 200...
Links Pile - 'link.php' SQL Injection
source: https://www.securityfocus.com/bid/29223/info Links Pile is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Meet#Web 0.8 - RegRightsResource.class.php?root_path Remote File Inclusion
source: https://www.securityfocus.com/bid/30673/info Meet#Web is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacke...