107 matches found
Comersus Cart 5.0 - SQL Injection
Comersus Cart 5.0 - SQL Injection source: https://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...
Expinion.net Member Management System 2.1 - 'news_view.asp?ID' SQL Injection
source: https://www.securityfocus.com/bid/9931/info It has been reported that Member Management System may be prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The problem is reported to exist in the 'ID' parameter...
XMB Forum 1.8 - 'editprofile.php?user' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. An attacker may exploit any one of...
PHP-Nuke 6.x/7.0 Survey Module - SQL Injection
source: https://www.securityfocus.com/bid/9305/info A vulnerability has been reported to exist in the Survey module of PHP-Nuke that may allow a remote attacker to inject malicious SQL syntax into database queries. The source of this issue is insufficient sanitization of user-supplied input. A...
Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection
Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection source: https://www.securityfocus.com/bid/9134/info It has been reported that VP-ASP may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL co...
VieNuke VieBoard 2.6 - SQL Injection
VieNuke VieBoard 2.6 - SQL Injection source: https://www.securityfocus.com/bid/8967/info It has been reported that VieNuke VieBoard may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database...
Mambo Site Server 4.0.14 - banners.php?bid SQL Injection
Mambo Site Server 4.0.14 - banners.php?bid SQL Injection source: https://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database querie...