235 matches found
Contra Haber Sistemi 1.0 Haber.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21626/info Contra Haber Sistemi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
EasyE-Cards 3.10 SQL Injection Vulnerability and Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30328/info EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...
Quick CMS Lite 2.1 - 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31210/info Quick.Cms.Lite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser ...
itMedia Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30740/info itMedia is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/34714/info Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied data. An attacker may...
Kasseler CMS News Module 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38909/info Kasseler CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
BoutikOne CMS 'search_query' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32321/info BoutikOne CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser o...
EXP Shop 1.0 Joomla! 'com_expshop' Component SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29869/info The EXP Shop component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
DHCart 3.84 Multiple Cross Site Scripting And HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32117/info DHCart is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the conte...
PolyPager 0.9.51/1.0 'nr' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29975/info PolyPager is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Free File Hosting System 1.1 login.php AD_BODY_TEMP Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...
IDevSpot iSupport 1.8 open_tickets.php ticket_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19963/info IDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user supplied data. Exploiting these issues could allow an attacker to steal cookie-based...
Netrw 125 Vim Script Multiple Command Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30115/info Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute...
Magic Photo Storage Website user/user_catelog_password.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
Softbiz Classifieds Script Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32375/info Softbiz Classifieds Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...
Claroline 1.x RootSys Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23609/info Claroline is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
Links Pile - 'link.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29223/info Links Pile is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
Easyedit CMS page.php intPageID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/32369/info Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
iJoomla com_magazine Component - 'pageid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27888/info iJoomla 'commagazine' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...