93 matches found
Quick Classifieds 1.0 - controlpannel/mailadmin.php3 DOCUMENT_ROOT Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...
phpMyAdmin <= 3.0.1 'pmd_pdf.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...
Joomla! and Mambo com_iomezun Component - 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27748/info The Joomla! and Mambo 'comiomezun' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
H-Sphere WebShell 4.3.10 'actions.php' Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31524/info H-Sphere WebShell is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...
K Web CMS 'sayfala.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30745/info K Web CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Meet#Web 0.8 modules.php root_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30673/info MeetWeb is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
PHD Help Desk 1.43 atributo_list.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...
HTMLEditBox 2.2 Config.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23664/info htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to execute malicious PHP code in the context ...
miniBB RSS 2.0 Plugin Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30421/info The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
Portail Web Php 2.5.1 config/conf-activation.php site_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/27616/info Portail Web Php is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...
SAP cFolders Cross Site Scripting And HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/34658/info SAP cFolders is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...
Greatclone GC Auction Platinum 'category.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30389/info GC Auction Platinum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
PhpHostBot 1.05 Authorize.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25073/info PhpHostBot is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...
Your Articles Directory Login Option SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39796/info Article Directory Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
The Search Engine Project 0.942 Configfunction.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20831/info The Search Engine Project is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application...
SpitFire Photo Pro 'pages.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32012/info SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
WordPress Plugin ShiftThis Newsletter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27586/info The ShiftThis Newsletter plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
WM-News 0.5 Print.PHP Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19968/info WM-News is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and the underlyin...
EncapsCMS 0.3.6 'common_foot.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22319/info EncapsCMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
Tagit! Tagit2b 2.1.B Build 2 tagviewer.php Multiple Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...