eBay Clone Script 2010 - showcategory.php SQL Injection

eBay Clone Script 2010 - showcategory.php SQL Injection source: https://www.securityfocus.com/bid/41200/info eBay Clone Script 2010 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

V-EVA Classified Script 5.1 - classified_img.php SQL Injection

V-EVA Classified Script 5.1 - classifiedimg.php SQL Injection source: https://www.securityfocus.com/bid/41204/info V-EVA Classified Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

KubeSupport - lang SQL Injection

KubeSupport - lang SQL Injection source: https://www.securityfocus.com/bid/40970/info KubeSupport is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

cyberhost - default.asp SQL Injection

cyberhost - default.asp SQL Injection source: https://www.securityfocus.com/bid/40357/info cyberhost is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

Your Articles Directory - Login Option SQL Injection

Your Articles Directory - Login Option SQL Injection source: https://www.securityfocus.com/bid/39796/info Article Directory Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

Joomla ABC Component "sectionid" SQL Injection Vulnerability

No description provided by source. A vulnerability has been discovered in the ABC component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "sectionid" parameter to index.php when "option" is set to "comabc" is not properly sanitised...

SA-CONTRIB-2010-037 - Decisions - Access bypass

Decisions is a replacement for poll.module and provides advanced voting systems and decision-making tools. It aims to enable groups to take decisions online in a manner that replicates and augments what is possible in face-to-face meeting. In some listings, the Decisions module does not construct...

Cacti 0.8.7e - SQL Injection

Cacti 0.8.7e - SQL Injection CVSSv2 Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the “exportitemid” parameter to “templatesexport.php” script is not properly sanitized before...

cacti -- SQL injection and command execution vulnerabilities

Bonsai information security reports: A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the "exportitemid" parameter to "templatesexport.php" script is not properly sanitized before being used in a SQL query. The sam...

Viennabux Beta! - 'cat' SQL Injection

source: https://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...

Zabbix 1.8.1 - SQL Injection

Zabbix 1.8.1 - SQL Injection ============================================= - Release date: April 1st, 2010 - Discovered by: Dawid Golunski - Severity: High ============================================= I. VULNERABILITY ------------------------- Zabbix = 1.8.1 SQL Injection II. BACKGROUND...

Joomla! Component com_weblinks - id SQL Injection

Joomla! Component comweblinks - id SQL Injection source: https://www.securityfocus.com/bid/39032/info The 'comweblinks' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this...

INVOhost - SQL Injection

Andrés Gómez Exploit Title : INVOhost SQL Injection Date : 2010-04-24 Author : Andrés Gómez Software Link : http://www.invohost.com/ Contact : [email protected] Dork : "Powered by INVOhost" An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the...

Wild CMS - SQL Injection

Wild CMS - SQL Injection Title: SQL injection vulnerability in Wild CMS Date: 09.03.2010 Author: Ariko-Security Software Link: http://www.wildcms.com/ Version: ALL ============ Ariko-Security - Advisory 4/3/2010 ============= SQL injection vulnerability in wILD CMS Vendor's Description of Softwar...

Natychmiast CMS Cross Site Scripting / SQL Injection

Title: SQL injection vulnerability in Natychmiast CMS Date: 03.03.2010 Author: Ariko-Security Software Link: http://www.natychmiast-cms.pl/ Version: ALL ============ Ariko-Security - Advisory 2/3/2010 ============= SQL injection and XSS vulnerability in NATYCHMIAST CMS Vendor's Description of...

Ding Feng enterprises smart built Station system injection search injection vulnerability analysis and exploit-vulnerability warning-the black bar safety net

Author: L4nk0rMo if you are asked Yesterday the use of this system to get a webshell, but is the use of download the default database, the latter the discoverer of the system interface's also good, by the look of IT security. This article on its search injection vulnerability simple analysis and...

SA-CONTRIB-2010-019 - Weekly Archive by Node Type - Access Bypass

The Weekly Archive by Node Type module generates weekly archive pages and a block with links to the pages. You can specify the node types that will be included in the archive pages. In weekly summaries listings, the Weekly Archive by Node Type module does not construct its SQL query to respect no...

Joomla! Component HD FLV Player - 'id' SQL Injection

source: https://www.securityfocus.com/bid/38401/info The HD FLV Player component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

CommodityRentals CD Rental Software - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/38184/info CommodityRentals CD Rental Software is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

SQLite Browser v2.0b1 Local DoS Vulnerability

No description provided by source. Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is th...