phpCOIN <= 1.2.1b Multiple Vulnerabilities
The remote host is running phpCOIN version 1.2.1b or older. These versions suffer from several vulnerabilities, among them:
- A Local File Include Vulnerability
  An attacker can execute arbitrary code in the context of the web server user by passing the name of a script or file through the 'page'...
[SA14321] Ulog-php SQL Injection Vulnerabilities
TITLE: Ulog-php SQL Injection Vulnerabilities
SECUNIA ADVISORY ID: SA14321
VERIFY ADVISORY: http://secunia.com/advisories/14321/
CRITICAL: Less critical
IMPACT: Manipulation of data
WHERE: From local network
SOFTWARE: Ulog-php 0.x http://secunia.com/product/4684/
DESCRIPTION: Some vulnerabilities...
Ikonboard ikonboard.cgi Multiple Parameter SQL Injection
The remote server is running IkonBoard, a Web Bulletin Board System written in Perl. The remote version of this software fails to sanitize user-supplied input to multiple variables in the 'ikonboard.cgi' script. An attacker can exploit this flaw to launch SQL injection attacks.
PD9 Software MegaBBS 2.02.1 - thread-post.asp Multiple Header CRLF Injections
source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry ou...
Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution
source: https://www.securityfocus.com/bid/11220/info Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate...
Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting
source: https://www.securityfocus.com/bid/11220/info Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may leverage these issues to execute...
TUTOS - 'app_new.php?t' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11221/info Tutos is reported prone to multiple remote input-validation vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and SQL-injection attacks. These...
GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/11149/info Reportedly getSolutions getIntranet is affected by multiple remote input validation vulnerabilities. These issues are caused by a failure of the application to properly sanitize user-supplied input. These issues may be leveraged to carry out SQ...
MercuryBoard < 1.1.3 Multiple Vulnerabilities
OpenBB 1.0.x - 'index.php?redirect' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. The SQL issues may allow a remote attacker to...
TikiWiki Project 1.8 - tiki-list_trackers.php?offset SQL Injection
source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path...
Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore
Pimp industries.
Xpressions Software: Multiple SQL Injection Attacks To Manage WebStores.
Background
When your suppliers and trading partners can interact with your organization as a seamless extension of your internal business...
InstaBoard 1.3 - index.cfm SQL Injection
source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the...