9133 matches found
MyBulletinBoard (MyBB) 1.0 - 'RateThread.php' SQL Injection
source: https://www.securityfocus.com/bid/14786/info MyBulletinBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
Land Down Under 700701800801 - events.php?c SQL Injection
Land Down Under 700701800801 - events.php?c SQL Injection source: https://www.securityfocus.com/bid/14685/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
Land Down Under 700701800801 - index.php?c SQL Injection
Land Down Under 700701800801 - index.php?c SQL Injection source: https://www.securityfocus.com/bid/14685/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection
source: https://www.securityfocus.com/bid/14631/info RunCMS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the...
Mall23 - AddItem.asp SQL Injection
Mall23 - AddItem.asp SQL Injection source: https://www.securityfocus.com/bid/14898/info Mall23 is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of t...
PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections
PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections source: https://www.securityfocus.com/bid/14589/info PHPFreeNews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
Soft4e ECW-Shop 6.0.2 - index.php SQL Injection
Soft4e ECW-Shop 6.0.2 - index.php SQL Injection source: https://www.securityfocus.com/bid/14576/info ECW Shop is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of...
MyBulletinBoard (MyBB) RC4 - 'polloptions' SQL Injection
source: https://www.securityfocus.com/bid/14553/info MyBulletinBoard is prone to multiple SQL injection vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise...
PHPTB Topic Board 2.0 - index.php?mid SQL Injection
PHPTB Topic Board 2.0 - index.php?mid SQL Injection source: https://www.securityfocus.com/bid/14535/info PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The...
PHPTB Topic Board 2.0 - 'index.php?mid' SQL Injection
source: https://www.securityfocus.com/bid/14535/info PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack may vary depending on the ty...
Gravity Board X 1.1 - Login SQL Injection
Gravity Board X 1.1 - Login SQL Injection source: https://www.securityfocus.com/bid/14497/info Gravity Board X GBX is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
PortailPHP 2.4 - index.php SQL Injection
PortailPHP 2.4 - index.php SQL Injection source: https://www.securityfocus.com/bid/14474/info Portail PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this...
PHPFreeNews 1.x - Admin Login SQL Injection
PHPFreeNews 1.x - Admin Login SQL Injection source: https://www.securityfocus.com/bid/14442/info PHPFreeNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
SUSE-SA:2005:032: java2
The remote host is missing the patch for the advisory SUSE-SA:2005:032 java2. Two security bugs in the SUN Java implementation have been fixed. Java Web Start can be exploited remotely due to an error in input validation of tags in JNLP files, so an attacker can pass arbitrary command-line option...
CVE-2002-1983
The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service hang and possibly execute arbitrary code by creating multiple timers with a 1-ms tick...
DUware DUpaypal 3.03.1 - sub.asp?iSub SQL Injection
DUware DUpaypal 3.03.1 - sub.asp?iSub SQL Injection source: https://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit coul...
DUware DUpaypal 3.0/3.1 - 'sub.asp?iSub' SQL Injection
source: https://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application,...
PeerCast: Format string vulnerability
Background PeerCast is a media streaming system based on P2P technology. Description James Bercegay of the GulfTech Security Research Team discovered that PeerCast insecurely implements formatted printing when receiving a request with a malformed URL. Impact A remote attacker could exploit this...
Mandrake Linux Security Advisory : openssl (MDKSA-2005:096)
Colin Percival reported a cache timing attack that could be used to allow a malicious local user to gain portions of cryptographic keys CVE-2005-0109. The OpenSSL library has been patched to add a new fixed-window modexp implementation as default for RSA, DSA, and DH private key operations. The...
WWWeb Concepts Events System 1.0 - login.asp SQL Injection
WWWeb Concepts Events System 1.0 - login.asp SQL Injection source: https://www.securityfocus.com/bid/13859/info WWWeb Concepts Events System is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp'...