145 matches found
Fusebox 5.5.1 - fusebox5.php Remote File Inclusion
Fusebox 5.5.1 - fusebox5.php Remote File Inclusion source: https://www.securityfocus.com/bid/29163/info Fusebox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the application a...
Claroline 1.7.5 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/29162/info Claroline is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to compromise the application and the underlying system; other...
BatmanPorTaL - 'uyeadmin.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/29057/info BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
Quick Classifieds 1.0 - 'controlpannel/alterCats.php3?DOCUMENT_ROOT' Remote File Inclusion
source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...
Quick Classifieds 1.0 - 'controlpannel/alterFeatured.php3?DOCUMENT_ROOT' Remote File Inclusion
source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...
Quick Classifieds 1.0 - 'controlpannel/createM.php3?DOCUMENT_ROOT' Remote File Inclusion
source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...
W-Agora 4.0 - delete_notes.php?bn_dir_default Remote File Inclusion
W-Agora 4.0 - deletenotes.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...
W-Agora 4.0 - 'add_user.php?bn_dir_default' Remote File Inclusion
source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...
XOOPS 'badliege' Module - 'id' SQL Injection
source: https://www.securityfocus.com/bid/27892/info The XOOPS 'badliege' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Joomla! / Mambo Component faq - 'catid' SQL Injection
source: https://www.securityfocus.com/bid/27822/info The Joomla! and Mambo 'faq' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Portail Web PHP 2.5.1 - item.php Remote File Inclusion
Portail Web PHP 2.5.1 - item.php Remote File Inclusion source: https://www.securityfocus.com/bid/27616/info Portail Web Php is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...
Codice CMS - 'login.php' SQL Injection
source: https://www.securityfocus.com/bid/27592/info Codice CMS is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities...
WebPortal CMS 'index.php' SQL Injection Vulnerability
WebPortal CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Ossigeno CMS 2.2_pre1 - '/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno' Remote File Inclusion
source: https://www.securityfocus.com/bid/26654/info Ossigeno CMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other...
Ossigeno CMS 2.2_pre1 - '/upload/xax/ossigeno/admin/install_module.php?level' Remote File Inclusion
source: https://www.securityfocus.com/bid/26654/info Ossigeno CMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other...
Weblord.it MS-TopSites - Unauthorized Access / HTML Injection
source: https://www.securityfocus.com/bid/26358/info MS-TopSites is prone to an unauthorized-access vulnerability and an HTML-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to gain elevated privileges on the...
Dale Mooney Calendar Events - 'Viewevent.php' SQL Injection
source: https://www.securityfocus.com/bid/25456/info Calendar Events is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...
Vikingboard 0.1.2 - post.php Cross-Site Scripting
Vikingboard 0.1.2 - post.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25056/info Vikingboard is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal...
Levent Veysi Portal 1.0 - 'Oku.asp' SQL Injection
source: https://www.securityfocus.com/bid/24794/info Levent Veysi Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by manipulating the SQL query logic to carry out...
HTMLEditBox 2.2 - 'config.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/23664/info htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to execute malicious PHP code in the context of the webserver. This may allow t...