9137 matches found
Jevontech PHPenpals PersonalID SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16109/info Jevontech PHPenpals is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...
phpBB Chart Mod 1.1 charts.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17952/info Chart Mod is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
Land Down Under 800/801 plug.php e Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14820/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
ZaireWeb Solutions Newsletter ZWS Administrative Interface Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10605/info Newsletter ZWS is reported prone to an administrative interface authentication bypass vulnerability. The vulnerability exists due to a design error in the implementation of the authentication system for the...
Calendar Express 2.2 Month.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18314/info Calendar Express is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit coul...
1WebCalendar 4.0 /news/newsView.cfm NewsID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploi...
PersianBlog Userslist.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14575/info PersianBlog is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
ActiveNews Manager activenews_search.asp query Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21167/info Active News Manager is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploitin...
Casinosoft Casino Script 3.2 Config.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20646/info Casinosoft Casino Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
PHP-Fusion 6.0.109 Messages.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15698/info PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
vSpin Classified System 2004 cat.asp cat Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21190/info vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data...
Blog 0.2.3/0.2.4 Mod Weblog_posting.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17744/info Blog Mod is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow ...
NPDS 4.8/5.0 comments.php thold Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13649/info NPDS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter. Successful exploitation could result in a...
JGS-Portal 3.0.1/3.0.2 jgs_portal_sponsor.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13650/info JGS-Portal is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of...
PHP IRC Bot pbot eval() Remote Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
JiRos Link Manager 1.0 viewlinks.asp CategoryID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21226/info JiRos Links Manager is prone to multiple input-validation vulnerabilities, including SQL- and HTML-injection issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
ProjectBB 0.4.5 .1 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12710/info ProjectBB is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to the application failing to properly sanitize user-supplied input before using it in SQL queries. Successful...
Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
Primo Place Primo Cart 1.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16125/info Primo Cart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...