542 matches found
I-RATER Platinum - 'Common.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17623/info I-RATER Platinum is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
ShopWeezle 2.0 - 'memo.php?itemID' SQL Injection
source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
VihorDesign - index.php Remote File Inclusion
VihorDesign - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include...
phpWebSite 0.8.20.8.3 - friend.php?sid SQL Injection
phpWebSite 0.8.20.8.3 - friend.php?sid SQL Injection source: https://www.securityfocus.com/bid/17150/info phpWebSite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A...
MusicBox 2.3 - index.php SQL Injection
MusicBox 2.3 - index.php SQL Injection source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
LoudBlog 0.41 - 'index.php?template' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote attackers to execute arbitrary PHP...
DCI-Designs Dawaween 1.03 - Poems.php SQL Injection
DCI-Designs Dawaween 1.03 - Poems.php SQL Injection source: https://www.securityfocus.com/bid/16909/info Dawaween is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Successful exploits could allow a remote attacker...
PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection
PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection source: https://www.securityfocus.com/bid/16887/info PEHEPE Membership Management System is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the applicati...
WebspotBlogging 3.0 - login.php SQL Injection
WebspotBlogging 3.0 - login.php SQL Injection source: https://www.securityfocus.com/bid/16319/info WebspotBlogging is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Bitweaver 1.1.1 - 'my.php?sort_mode' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the...
EZDatabase 2.1.2 - 'index.php?p' Local File Inclusion
source: https://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL injection vulnerability and a local file include...
TML 0.5 - index.php?id SQL Injection
TML 0.5 - index.php?id SQL Injection source: https://www.securityfocus.com/bid/15876/info TML CMS is prone to multiple input validation vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft ...
PDJK-support Suite 1.1 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/15598/info PDJK-support Suite is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. Successful...
Galerie 2.4 - showgallery.php SQL Injection
Galerie 2.4 - showgallery.php SQL Injection source: https://www.securityfocus.com/bid/15313/info Galerie is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
NooToplist 1.0 - index.php Multiple SQL Injections
NooToplist 1.0 - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/14873/info NooToplist is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation could resul...
osCommerce 2.2 - update.php Information Disclosure
osCommerce 2.2 - update.php Information Disclosure source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process...
UBBCentral UBB.Threads 5.5.16.x - grabnext.php?posted SQL Injection
UBBCentral UBB.Threads 5.5.16.x - grabnext.php?posted SQL Injection source: https://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successf...
DUware DUclassmate 1.x - edit.asp?iPro SQL Injection
DUware DUclassmate 1.x - edit.asp?iPro SQL Injection source: https://www.securityfocus.com/bid/14036/info DUclassmate is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit coul...
WowBB 1.6 - View_User.php SQL Injection
WowBB 1.6 - ViewUser.php SQL Injection source: https://www.securityfocus.com/bid/13569/info WowBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query. Successful exploitation could...
Keyvan1 ImageGallery - Database Disclosure
source: https://www.securityfocus.com/bid/13630/info Keyvan1 ImageGallery is prone to an access validation vulnerability that could allow the underlying database to be downloaded. http://www.example.com/path/image.mdb...