141 matches found
JVideo! Component for Joomla! 'user_id' Parameter SQLi
The version of the JVideo! component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the models/user.php script due to improper sanitization of user-supplied input to the 'user_id' parameter before using it to construct database queries in the getUsername...
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
source: https://www.securityfocus.com/bid/33859/info The gigCalendar component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
Lootan - login.asp SQL Injection
source: https://www.securityfocus.com/bid/33439/info Lootan is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Blog Manager - categoryId Cross-Site Scripting
source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting thes...
w3bcms - adminindex.php SQL Injection
source: https://www.securityfocus.com/bid/33310/info The 'w3bcms' application is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...
Madrese-Portal - haber.asp SQL Injection
source: https://www.securityfocus.com/bid/33045/info Madrese-Portal is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data,...
Ocean12 (Multiple Products) - Admin_ID SQL Injection
source: https://www.securityfocus.com/bid/32527/info Multiple Ocean12 products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the...
SpitFire Photo Pro - pages.php SQL Injection
source: https://www.securityfocus.com/bid/32012/info SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
InterTech WCMS - 'etemplate.php' SQL Injection
source: https://www.securityfocus.com/bid/31350/info InterTech Web Content Management System WCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
eliteCMS 1.0 - 'page' SQL Injection
source: https://www.securityfocus.com/bid/30990/info eliteCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
PHP Realty - dpage.php SQL Injection
source: https://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/29808/info KEIL Software's photokorn is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit laten...
PHPFix 2.0 - fixbrowse.php?kind SQL Injection
source: https://www.securityfocus.com/bid/29371/info phpFix is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacke...
Excuse Online - pwd.asp SQL Injection
source: https://www.securityfocus.com/bid/29370/info Excuse Online is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
OtherLogic - 'vocourse.php' SQL Injection
source: https://www.securityfocus.com/bid/29139/info OtherLogic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Cobalt 2.0 - 'adminler.asp' SQL Injection
source: https://www.securityfocus.com/bid/28831/info CoBaLT is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities ...
Joomla! / Mambo Component com_publication - 'pid' SQL Injection
source: https://www.securityfocus.com/bid/27970/info The Joomla! and Mambo 'com_publication' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...
Joomla! Mambo Component com_profile - oid SQL Injection
source: https://www.securityfocus.com/bid/27851/info The Joomla! and Mambo 'com_profile' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Joomla! / Mambo Component com_profile - 'oid' SQL Injection
source: https://www.securityfocus.com/bid/27851/info The Joomla! and Mambo 'com_profile' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
XOOPS 'vacatures' Module - 'cid' SQL Injection
source: https://www.securityfocus.com/bid/27889/info XOOPS 'vacatures' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, acces...