CVE-2022-30352

phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "authuser" parameter in index.php script...

Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9944/info It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due to insufficient sanitization of...

Joomla Simple File Upload Module Remote Code Execution Vulnerability

This host is running Joomla Simple File Upload Module and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlasimplefileuploadcodeexecvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ Joomla Simple File Upload Module Remote Code Execution Vulnerability Authors: Madhur...

Novaboard 1.1.4 - Local File Inclusion

Novaboard 1.1.4 - Local File Inclusion Vulnerability ID: HTB22657 Reference: http://www.htbridge.ch/advisory/lfiinnovaboard.html Product: Novaboard Vendor: Novaboard http://www.novaboard.net/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...

Discloser 'more' Parameter SQL Injection Vulnerability

The host is running Discloser and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: secpoddisclosersqlinjvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Discloser 'more' Parameter SQL Injection Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...

TCPDB Security Bypass Vulnerability

This host is installed with TCPDB and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodtcpdbsecbypassvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ TCPDB Security Bypass Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod, http://www.secpod.com This...

Etomite CMS id Paramater SQL Injection

The remote web server contains a PHP script that is affected by a SQL injection vulnerability. Description: The remote web server is running Etomite CMS, a PHP-based content management system. The version of Etomite CMS installed on the remote host fails to sanitize input to the 'id' parameter...

SQL-Injection in evoArticles

Advisory: SQL-Injection in evoArticles Home Page: http://evo-dev.com/ Уязвимость/Vulnerability: SQL-injection Уязвимый скрипт/Vulnerable script: index.php http://www.target.com/index.php?do=cat&total=19&cid=37&sort=date&order=desc'&page=2...

PEEL 2.x sql injection

PEEL 2.x sql injection Author: r0t hackers.by.lv Date: 14. nov 2005 software: PEEL 2.x vendor: http://peel.fr/ Tested on 2.6 and 2.7 version Vulnerability Description: contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script...

bBlog <= 0.7.4 Multiple Vulnerabilities (SQLi, XSS)

The remote host is running bBlog, an open source blog software application. According to its banner, the remote version of this software suffers from several vulnerabilities: - A SQL Injection Vulnerability It is reportedly possible to inject SQL statements through the 'postid' parameter of the...

Mambo Open Source 4.5 - &#039;index.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/9890/info It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue could permit a remote attacker to...

PHPOutSourcing Zorum 3.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8388/info A cross-site scripting vulnerability has been reported in the index.php script of PHPOutSourcing Zorum. Because of this, an attacker may be able to execute HTML and script code in the browsers of target users in the security context of the site...