
Explore Vulnerabilities


Explore all Exploits:

WordPress Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability

A SQL injection vulnerability exists in the WordPress Menu Creator plugin version 1.1.7 and earlier. The vulnerability is due to the updateSortOrder.php script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database.

WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability

The vulnerability exists due to insufficient filtering of user-supplied input passed via the 'gcb' HTTP GET parameter to the '/wp-content/plugins/global-content-blocks/gcb/gcb_export.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database.

WordPress Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability

A SQL injection vulnerability exists in the WordPress Ajax Gallery plugin version 3.0 and below. An attacker can exploit this vulnerability by sending a crafted HTTP request to the list.php script with the delete and gId parameters set to a malicious value. This can allow the attacker to execute arbitrary SQL commands on the underlying database.

Exploit Title: Elgg 1.7.10 <= Multiple Vulnerabilities

XSS: A malicious user can inject a malicious script into the internalname parameter of the embed/media page. The script will be executed when the mouse is hovered over the page. SQL Injection: A malicious user can inject a malicious SQL query into the tag_names parameter of the search page.

WordPress WP Forum plugin <= 1.7.8 SQL Injection Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'sendmail.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can be exploited to disclose sensitive information, modify data, compromise the system, etc.

WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'delete_faqbook' action in the 'ajax.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can be exploited to bypass certain security restrictions, read or modify data in the database, compromise the system, etc.

Contrexx Shopsystem Blind SQL Injection Exploit

Contrexx Shopsystem is vulnerable to blind SQL injection. An attacker can exploit this vulnerability to gain access to the admin panel of the application. The exploit is written in PHP and takes the target URL, category ID and admin user limit as arguments. It uses the target URL and category ID to construct a malicious URL and sends it to the server. The malicious URL contains blind SQL injection code that is used to extract the username and password of the admin user, which the exploit then prints on the screen.

WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'id' and 'uid' parameters to the '/wp-content/plugins/odihost-newsletter-plugin/includes/openstat.php' script. A remote attacker can execute arbitrary SQL commands in the application's database.

WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability

A SQL injection vulnerability exists in WordPress Easy Contact Form Lite plugin version 1.0.7 and earlier. An attacker can exploit this vulnerability to inject arbitrary SQL commands via the 'field_num[]' parameter in the 'sort_row.request.php' script. This can be exploited to gain access to the database and potentially to gain access to the web server.

WordPress WP Symposium plugin <= 0.64 SQL Injection Vulnerability

A SQL injection vulnerability exists in WordPress WP Symposium plugin version 0.64. An attacker can send a malicious HTTP request to the vulnerable server, which can be used to execute arbitrary SQL commands in the back-end database. This can be exploited to manipulate or disclose sensitive information in the database.
