1167 matches found
Admin Bot - 'news.php' SQL Injection
source: https://www.securityfocus.com/bid/50562/info Admin Bot is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
CVE-2011-2676
The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors...
Joomla! Component com_br - 'state_id' SQL Injection
source: https://www.securityfocus.com/bid/50042/info The 'com_br' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Joomla! Component com_expedition - id SQL Injection
source: https://www.securityfocus.com/bid/50019/info The 'com_expedition' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting thi...
Joomla! Component com_expedition - 'id' SQL Injection
source: https://www.securityfocus.com/bid/50019/info The 'com_expedition' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Zyncro 3.0.1.20 - Social Network Message Menu SQL Injection
source: https://www.securityfocus.com/bid/49741/info Zyncro social network is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...
BlueSoft Rate My Photo Site - 'ty' SQL Injection
source: https://www.securityfocus.com/bid/49092/info BlueSoft Rate My Photo Site is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Joomla! Component com_voj - SQL Injection
source: https://www.securityfocus.com/bid/48621/info The 'com_voj' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...
MyBloggie 2.1.6 - HTML Injection SQL Injection
source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...
MyBloggie 2.1.6 - HTML Injection / SQL Injection
source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...
CVE-2011-1861
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors...
Code injection
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2011-1535
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2011-1532
Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to obtain sensitive information or modify data via vectors related to the Embedded Web...
PHP-Fusion - 'article_id' SQL Injection
source: https://www.securityfocus.com/bid/47128/info PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Rae Media Real Estate Single Agent SQL Injection
Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
ReOS Local File Include and SQL Injection Vulnerabilities
ReOS is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
CVE-2011-0489
The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to (1) the Lock Server or (2) the Advanced Multithreaded Server...