1167 matches found
CVE-2012-3270
Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3269...
CVE-2012-3269
Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3270...
CVE-2012-3270
CVE-2012-3270 affects HP Performance Insight (PI) versions 5.31, 5.40 and 5.41 when running with Sybase as the database. The vulnerability enables remote attackers to cause a denial of service and potential data loss/intrusion due to flaws in the PI-Sybase interaction (root cause described in the...
CVE-2012-5302
The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors...
DELTAScripts PHP Links - Multiple SQL Injections
source: https://www.securityfocus.com/bid/55478/info DeltaScripts PHP Links is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the applicatio...
Medium: postgresql9
Issue Overview: The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger...
Plixer / Dell SonicWALL Scrutinizer < 9.5.2 'q' Parameter SQLi Vulnerability - Active Check
Plixer / Dell SonicWALL Scrutinizer is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data.
WeBid Remote File Include and SQLi Vulnerabilities
WeBid is prone to a remote file-include issue and an SQL injection (SQLi) issue.
tekno.Portal 0.1b - 'link.php' SQL Injection
source: https://www.securityfocus.com/bid/54786/info tekno.Portal is prone to an SQL-injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. tekno.Portal 0.1b is...
CVE-2012-2013
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors...
VANA CMS - 'index.php' Script SQL Injection
source: https://www.securityfocus.com/bid/54066/info VANA CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, o...
NetArt Media Jobs Portal - SQL Injection
source: https://www.securityfocus.com/bid/54026/info NetArt Media Jobs Portal is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to compromise the...
Ganesha Digital Library Multiple SQLi and XSS Vulnerabilities
Ganesha Digital Library is prone to multiple SQL injection (SQLi) and cross-site scripting (XSS) vulnerabilities.
Authentication flaw
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) modrewrite.php, (2) commentwriteok.php, (3) poll/index.php, (4) update/index.php, (5) trackback.php, or (6) an arbitrary...
Buffer overflow
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script...
Plogger Photo Gallery - SQL Injection
source: https://www.securityfocus.com/bid/53644/info Plogger Photo Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to...
Uiga FanClub - 'p' SQL Injection
source: https://www.securityfocus.com/bid/53295/info Uiga FanClub is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...
CVE-2012-1993
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors...
Bioly 1.3 - '/index.php' Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/53018/info Bioly is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit...
CVE-2011-5085
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors...