- Ektron CMS400.NET is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the ContentRatingGraph.aspx script using the res parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
- Upgrade to the latest version Ektron CMS.
- WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (184.108.40.206)
- WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)
- WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)
- WordPress Plugin WP-RecentComments SQL Injection (2.0.7)
- WordPress Plugin WP Symposium 'get_profile_avatar.php' SQL Injection (0.64)