9137 matches found
ASPBB 0.4 topic.asp TID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15859/info ASPBB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
SSH2 3.0 Restricted Shell Escaping Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4547/info SSH and derivatives is the protocol Secure Shell protocol implementation. It is available for various operating systems, although this vulnerability affects operating systems such as Unix and Linux. It has been...
Sophos Products - Multiple Vulnerabilities
No description provided by source. List, I've completed the second paper in my series analyzing Sophos Antivirus internals, titled Practical Attacks against Sophos Antivirus. As the name suggests, this paper describes realistic attacks against networks using Sophos products. The paper includes a...
NukeCalendar 1.1 .a block-Calendar1.php Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10082/info NukeCalendar, which is a third-party calendar module for PHP-Nuke, is prone to multiple vulnerabilities. These issues include path disclosure, SQL injection and cross-site scripting. Possible consequences inclu...
Fixit iDMS Pro Image Gallery showfile.asp fid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21282/info Fixit iDMS Pro is prone to multiple input-validation vulnerabilities, including SQL-injection issues and an HTML-injection issue, because the application fails to properly sanitize user-supplied input. Successf...
Fantastic Scripts Fantastic News 2.1.1 News.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15622/info Fantastic News is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...
JPortal Web Portal 2.2.1/2.3.1 news.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitation could result in a...
PHP-Fusion 4.0/5.0/6.0 Options.php and Viewforum.php SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15502/info PHP-Fusion is prone to SQL injection vulnerabilities in multiple PHP scripts. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...
SimplePoll Results.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15508/info SimplePoll is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Babe Logger 2.0 - comments.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15580/info Babe Logger is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation coul...
Kayako eSupport 2.x index.php Knowledgebase XSS
No description provided by source. source: http://www.securityfocus.com/bid/12037/info Kayako eSupport is prone to multiple input validation vulnerabilities. One cross-site scripting and six SQL injection vulnerabilities. These issues may collectively threaten compromise of software and database...
vSpin Classified System 2004 cat.asp cat Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21190/info vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data...
JiRos Link Manager 1.0 viewlinks.asp CategoryID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21226/info JiRos Links Manager is prone to multiple input-validation vulnerabilities, including SQL- and HTML-injection issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
SoftBiz Image Gallery 0 images.php cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17339/info Softbiz Image Gallery is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
Evolve Merchant Viewcart.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21070/info Evolve Merchant is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
PortailPHP 2.4 Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14474/info Portail PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack...
EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22369/info EasyMoblog is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input...
SiteEnable SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12985/info SiteEnable is reported prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other...
BestWebApp Dating Site login_form.asp msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21158/info BestWebApp Dating Site is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker...
Arab Portal 2.0 Link.PHP SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15820/info Arab Portal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a...