Joomla! Component Inneradmission - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/66708/info Inneradmission component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Puntopy - 'novedad.php' SQL Injection

source: https://www.securityfocus.com/bid/67241/info Puntopy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or...

CVE-2013-6206

Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2013-6205

Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

Code injection

Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2013-6206

HP Rapid Deployment Pack (RDP) and HP Insight Control Server Deployment are affected by CVE-2013-6206. The vulnerability enables remote attackers to obtain sensitive information, modify data, or trigger a denial of service via unknown vectors. CVSS v2 base score is 9.0 (HIGH) with Network attack ...

CVE-2013-6206

Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2013-6200

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors...

Code injection

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors...

WordPress AdRotate Plugin 3.9.4 - SQL Injection

This WordPress AdRotate plugin's clicktracker.php "track param" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin to 3.9.5...

Jorjweb - 'id' SQL Injection

source: https://www.securityfocus.com/bid/66377/info Jorjweb is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modify data, o...

iScripts AutoHoster - additionalsettings.php SQL Injection

iScripts AutoHoster - additionalsettings.php SQL Injection source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromi...

iScripts AutoHoster - main_smtp.php Traversal

iScripts AutoHoster - mainsmtp.php Traversal source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the...

iScripts AutoHoster - 'main_smtp.php' Traversal

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...

CVE-2013-5450

IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token...

Authentication flaw

IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token...

Code injection

The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to 1 list/edit.php and 2 campaign/editCampaign.php, which allows remote attackers to modify list or campaign data...

CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...

Security feature bypass

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...

CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...