#sql

FoccusWeb CMS version 0.1 suffers from a cross site scripting vulnerability.

Fluent CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Color Prediction Game version 1.0 suffers from a remote SQL injection vulnerability.

Global Multi School Management System Express version 1.0 suffers from a remote SQL injection vulnerability.

OVOO Movie Portal CMS version 3.3.3 suffers from a remote SQL injection vulnerability.

Taskhub CRM Tool version 2.8.6 suffers from a remote SQL injection vulnerability.

Credit Lite version 1.5.4 suffers from a remote SQL injection vulnerability.

Event Locations CMS version 1.0.1 suffers from a remote shell upload vulnerability.

SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component.

SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it.