XRMS 1.99.2 - companies/some.php company_name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/31008/info XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because...

LoudBlog 0.41 backend_settings.php language Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...

INFINICART browse_group.asp groupid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit ...

PHP JackKnife 2.21 (PHPJK) UserArea/Authenticate.php sUName Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

PHP JackKnife 2.21 (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

Car Site Manager csm/asp/listings.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to stea...

PHP JackKnife 2.21 (PHPJK) G_Display.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

ACGV News 0.9.1 - glossaire.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29253/info ACGV News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

Koobi Pro 5.6 showtopic Module toid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18970/info Koobi Pro prone to a cross-site scripting issue and an SQL-injection issue because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could allow an...

k-rate (sql/xss) Multiple Vulnerabilities

No description provided by source. ================================================================================ || K-Rate SQL-INJECTION, XSS ================================================================================ Application: K-Rate ------------ Website: http://turn-k.net/k-rate...

eCMS 0.4.2 - Multiple Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29304/info eCMS is prone to multiple security vulnerabilities, including a security-bypass issue and an SQL-injection issue. Exploiting these issues may allow an attacker to bypass certain security restrictions and gain...

Xt-News 0.1 add_comment.php id_news Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

FreeWebshop 2.2.9 R2 Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37513/info FreeWebshop is prone to multiple remote vulnerabilities: 1. A security vulnerability that may allow attackers to spoof HTTP headers. 2. A security vulnerability involving the handling of sessions. 3. A security...

Xt-News 0.1 show_news.php id_news Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

Xt-News 0.1 show_news.php id_news Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

wordpress plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities

No description provided by source. Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities by NBBN 2nd, February 2008 1 File Disclosure Open the following url you can see the config data of wordpress, with the mysql-server username and password. In this file you usually have write...

EasyPublish 3.0 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities...

Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include a SQL-injection vulnerability and multiple cross-site scriptin...

Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include a SQL-injection vulnerability and multiple cross-site scriptin...