199 matches found
CVE-2006-1420
The CVE-2006-1420 entry describes an SQL injection vulnerability in the PHP application component print.php of SaphpLesson 2.0. The flaw allows remote attackers to execute arbitrary SQL commands through the lessid parameter. The available connected sources confirm the affected module and input v...
[eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities
New eVuln Advisory: Maian Weblog Multiple SQL Injection Vulnerabilities http://evuln.com/vulns/101/summary.html --------------------Summary---------------- eVuln ID: EV0101 CVE: CVE-2006-1334 Software: Maian Weblog Software's Web Site: http://www.maianscriptworld.co.uk/ Versions: 2.0 Critical...
Maian Weblog 2.0 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/17247/info Maian Weblog is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject arbitrary SQL logic into the vulnerable...
SaPHPLesson 2.0 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
SaPHPLesson 2.0 - print.php SQL Injection
SaPHPLesson 2.0 - print.php SQL Injection source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
Maian Weblog 2.0 - print.php SQL Injection
Maian Weblog 2.0 - print.php SQL Injection source: https://www.securityfocus.com/bid/17247/info Maian Weblog is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject...
CVE-2006-1334
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php...
SQL injection
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php...
CVE-2006-1334
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php...
CVE-2006-1334
CVE-2006-1334: Maian Weblog 2.0 has SQL injection in print.php and mail.php; vulnerable parameters are (1) entry and (2) email. Remote attackers could potentially execute arbitrary SQL. No patch/mitigation details are provided in the supplied documents; exploitation specifics are not described i...
CVE-2005-4478
Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeidprint parameters to (c) print.php...
CVE-2005-4478
Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeidprint parameters to (c) print.php...
Papoo 2.1.2 - 'print.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/16020/info Papoo is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to compromis...
ATutor 1.x - print.php?section Remote File Inclusion
ATutor 1.x - print.php?section Remote File Inclusion source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATuto...
Stylemotion WEBNEWS 1.4 - print.php?id SQL Injection
Stylemotion WEBNEWS 1.4 - print.php?id SQL Injection source: https://www.securityfocus.com/bid/14776/info WEB//NEWS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
CVE-2005-2815
print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1...
PHPKIT 1.6 - Multiple Input Validation Vulnerabilities
PHPKIT 1.6 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/11725/info It is reported that PHPKIT is susceptible to cross-site scripting and SQL injection vulnerabilities. The cross-site scripting issue is present in a parameter of the 'popup.php' script. An...
jPORTAL 2.2.1 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/10430/info JPortal is reportedly affected by a remote SQL injection vulnerability in the print.inc.php script. This issue is due to a failure of the application to properly sanitize user-supplied URI input before using it in an SQL query. As a result of...
PHP-Nuke 5.5 and 6.0: Path Disclosure
Product - PHP-Nuke + Version - 5.5, 6.0 (other versions not tested yet) + Website - http://www.phpnuke.org + Problems - Path Disclosure + Explanation: The fault happens in the file print.php, which is included in the modules 'News' and 'AvantGo'; in it, it is checked that the variable $sid...