KAPDA Advisory #18 - Various WebWiz scripts suffer from SQL injection vulnerabilities due to a lack of input sanitization in check_user.asp. Details on exploitation provided.
47d9f7e6f77dbf6c77a9d24bd85c5239b1dae742ef993af3a16cb86904a1d76e
"Search.php" in Punbb versions 1.2.8 and earlier does not properly validate user-supplied input. A remote user can create specially crafted parameter values that will execute SQL commands on the underlying database. POC included.
ef14a68dd3dad542f61ee592dc81bdb6aebfcf8062ee30128e663c593850becf
Aenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.
43a29a44230d7d18568c832c99fa41dce36ae895792641634b5197bb81828619