9133 matches found
Qualiteam X-Cart 4.0.8 - help.php?section SQL Injection
Qualiteam X-Cart 4.0.8 - help.php?section SQL Injection source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - giftcert.php Multiple SQL Injections
Qualiteam X-Cart 4.0.8 - giftcert.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - 'help.php?section' SQL Injection
source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...
Warrior Kings 1.3 And Warrior Kings: Battles 1.23 - Remote Format String
source: https://www.securityfocus.com/bid/13711/info Warrior Kings, and Warrior Kings: Battles are vulnerable to a remote format string vulnerability. This issue is due to a failure of the application to securely implement a formatting printing function. This vulnerability allows remote attackers...
MWChat 6.8 - chat.php SQL Injection
MWChat 6.8 - chat.php SQL Injection source: https://www.securityfocus.com/bid/15198/info MWChat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
CVE-2005-1600
A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key...
MidiCart PHP - 'Item_Show.php?Code_No' SQL Injection
source: https://www.securityfocus.com/bid/13515/info MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
source: https://www.securityfocus.com/bid/13487/info ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...
Dream4 Koobi CMS 4.2.3 - 'index.php?P' SQL Injection
source: https://www.securityfocus.com/bid/13412/info Koobi CMS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
CartWIZ 1.10 - ProductCatalogSubCats.asp SQL Injection
CartWIZ 1.10 - ProductCatalogSubCats.asp SQL Injection source: https://www.securityfocus.com/bid/13331/info CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to utilizing the data in an SQL query...
CVE-2004-0984
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges...
DUportal 3.1.2 - inc_rating.asp Multiple SQL Injections
DUportal 3.1.2 - incrating.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL...
DUportal Pro 3.4 - 'inc_vote.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application,...
Libsafe 2.0 - Multi-threaded Process Race Condition Security Bypass
// source: https://www.securityfocus.com/bid/13190/info Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported that may allow Libsafe security...
phpBB 1.x2.0.x - Knowledge Base Module KB.php SQL Injection
phpBB 1.x2.0.x - Knowledge Base Module KB.php SQL Injection source: https://www.securityfocus.com/bid/13219/info Knowledge Base Module is affected by an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQ...
Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: ======================== Vulnerabilities in the Internet Key Exchange Xauth Implementation ================================================================= Revision 1.0 For Public Release 2005 April 6 1600 UTC -...
Active Auction House - 'ItemInfo.asp' SQL Injection
source: https://www.securityfocus.com/bid/13034/info Active Auction House is reportedly affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in a SQL query. Successful exploitation could result in a...
SiteEnable - SQL Injection
SiteEnable - SQL Injection source: https://www.securityfocus.com/bid/12985/info SiteEnable is reported prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks...
tetex security update
CentOS Errata and Security Advisory CESA-2005:354 Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX take...
CVE-2003-1112
The CVE-2003-1112 entry applies to the SIP implementation in Ingate Firewall and Ingate SIParator prior to version 3.1.3. A crafted INVITE message can trigger denial of service and, possibly, remote code execution, as demonstrated by the OUSPG PROTOS c07-sip tests. Remediation: upgrade to version...