SQL injection Prevention - GET : Evasion attempt with CAST and EXEC statements Description         Default configuration   Profiles High Medium Low Internet Action Block Block Block Block Alarm Level Minor Minor Minor Minor       References   URL: http://www.exploit-db.com/exploits/20035/       Available since   ASQ v5.0.0       Protects   Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Dolibarr Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Core SQL Injection Vulnerability Fixed by 3.7.1 Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla "DT Register" Plugin SQL Injection Vulnerability WordPress Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Modules Multiple Vulnerabilities WordPress Third-Party Modules Multiple Vulnerabilities Cisco Identity Services Engine SQL Injection Vulnerability WordPress Third Party Modules Multiple Vulnerabilities AlienVault Unified Security Management Multiple Vulnerabilities Fixed by 5.3.2 Joomla Third-Party Plugins Multiple Vulnerabilities SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Zabbix Latest Data SQL Injection Vulnerability Joomla "Event Registration Pro" SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Red Hat JBoss BPM Suite Dashbuilder SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Drupal 'menupereid' SQL injection Vulnerability Riverbed SteelCentral NetProfiler Multiple Vulnerabilities Fixed by 10.9.0 Cisco Prime Collaboration Deployment SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Nagios XI Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities phpMyAdmin Multiple Vulnerabilities Fixed by 4.6.2 and 4.4.15.6 GLPI "ajax/getDropdownConnect.php" SQL Injection Vulnerability Fixed by 0.90.3 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities Cacti "tree.php" SQL Injection Vulnerability Cacti "graph_template" Parameter "graphs_new.php" SQL Injection Vulnerability Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities BlackBerry Enterprise Server Management Console Multiple Vulnerabilities Fixed by 12.4 Joomla Third-Party Modules Multiple SQL Injection Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities TestLink SQL Injection Vulnerability Fixed by 1.9.15 Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17 Joomla Third-Party Modules Multiple Vulnerabilities Cacti Multiple SQL Injection Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities AVG AntiVirus Cross-Site Scripting Vulnerability FTGate Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities TestLink Multiple Vulnerabilities Fixed by 1.9.14 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Splunk Enterprise Splunk Web Cross-Site Scripting Fixed by 6.2.6 Apache mod_negotiation Cross-Site Scripting and HTTP Response Splitting Vulnerabilities IBM Domino Web Server Multiple Vulnerabilities MediaWiki Multiple Vulnerabilities Fixed by 1.25.2, 1.24.3 and 1.23.10 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities IPython JSON Error Responses Multiple XSS Vulnerability Fixed by 3.2 Wordpress Multiple Themes Vulnerabilities IBM WebSphere Application Server Feature Pack for Web Dojo Toolkit Cross-Site Scripting Vulnerabilities IBM WebSphere Application Server Multiple Vulnerabilities IBM Forms Server Dojo Toolkit Cross-Site Scripting Vulnerabilities phpBugTracker Multiple Vulnerabilities BSS BS-Client Multiple Vulnerabilities WordPress mTouch Quiz Plugin "quiz" Cross-Site Scripting and SQL Injection Vulnerabilities Ganesha Digital Library Cross-Site Scripting and SQL Injection Vulnerabilities POSH Weakness and Two Vulnerabilities WordPress DZS Video Gallery Plugin "source" Cross-Site Scripting Vulnerability VideoWhisper Live Streaming "n" Cross-Site Scripting Vulnerability VideoWhisper Video Conference Cross-Site Scripting and File Disclosure Vulnerabilities Cells Blog CMS Cross-Site Scripting and SQL Injection Vulnerabilities WordPress Infocus Theme prettyPhoto Cross-Site Scripting Vulnerability easyXDM name.html Cross-Site Scripting Vulnerability FlatNuke Cross-Site Scripting Vulnerability Web Video Streamer Command Injection and Cross-Site Scripting Vulnerabilities WordPress SEO Link Rotator Plugin "title" Cross-Site Scripting Vulnerability WordPress Photocrati Theme "prod_id" Cross-Site Scripting Vulnerability ITechClassifieds Multiple SQL Injection and Cross-Site Scripting Vulnerabilities Collabtive Script Insertion and SQL Injection Vulnerabilities ManageEngine EventLog Analyzer "j_username" Cross-Site Scripting Vulnerability StivaSoft Car Rental Script Cross-Site Scripting and Request Forgery Vulnerabilities Joomla! Melody Component swfupload Cross-Site Scripting Vulnerability Joomla! AceSearch Component "query" Cross-Site Scripting Vulnerability WordPress April's Super Functions Pack Plugin "page" Cross-Site Scripting Vulnerability ZendTo "emailAddr" Script Insertion Vulnerability WordPress Recommend to a friend Plugin "current_url" Cross-Site Scripting Vulnerability LiveZilla Cross-Site Scripting and Script Insertion Vulnerabilities WordPress JS Hotel Plugin Full Path Disclosure Weakness and Cross-Site Scripting Vulnerabilities Helpdesk Pilot Ticket Script Insertion Vulnerability The Bug Genie Script Insertion and Cross-Site Scripting Vulnerabilities Ganglia Web "host_regex" Cross-Site Scripting Vulnerability Claroline Multiple Cross-Site Scripting Vulnerabilities QuiXplorer Multiple Cross-Site Scripting Vulnerabilities prettyPhoto Cross-Site Scripting Vulnerability Elastix Multiple Cross-Site Scripting Vulnerabilities REDAXO Cross-Site Scripting and Request Forgery Vulnerabilities Practico CMS Cross-Site Scripting and Request Forgery Vulnerabilities Project'Or RIA Cross-Site Scripting and SQL Injection Vulnerabilities Arbor Peakflow X Security Bypass and Cross-Site Scripting Vulnerabilities WordPress MobileChief Plugin jQuery Validation Plugin Cross-Site Scripting Vulnerability WordPress Spreadsheet Plugin Cross-Site Scripting Vulnerability Bilboplanet Cross-Site Scripting and SQL Injection Vulnerabilities osCommerce "products_id" Script Insertion Vulnerability CMS Formulasi Multiple Vulnerabilities Aanval SAS Cross-Site Scripting and SQL Injection Vulnerabilities Posnic Stock Management System Cross-Site Scripting and SQL Injection Vulnerabilities WordPress MORE+ Theme prettyPhoto Cross-Site Scripting Vulnerability ShopDirector "c1" Cross-Site Scripting Vulnerability X2CRM "model" Cross-Site Scripting Vulnerability WikkaWiki "wakka" Cross-Site Scripting Vulnerability Microsoft SharePoint Multiple Vulnerabilities WordPress Design Approval System Plugin "step" Cross-Site Scripting Vulnerability Rnet eShop "n" Cross-Site Scripting Vulnerability WordPress silverOrchid Theme "s" Cross-Site Scripting Vulnerability Twilight CMS Cross-Site Scripting and Arbitrary File Disclosure Vulnerabilities WordPress ThinkIT WP Contact Form Plugin Cross-Site Scripting and Request Forgery Vulnerabilities WordPress BackWPup Plugin "tab" Cross-Site Scripting Vulnerability Quack Chat Cross-Site Scripting and Script Insertion Vulnerabilities Atlassian JIRA "name" Cross-Site Scripting Vulnerability Joomla! "lang" Cross-Site Scripting Vulnerability D-Link DIR-645 Cross-Site Scripting and Buffer Overflow Vulnerabilities WordPress Comment Extra Fields Plugin swfupload Two Cross-Site Scripting Vulnerabilities Jahia xCM Multiple Cross-Site Scripting Vulnerabilities WordPress Better WP Security Plugin 404 Error Log Script Insertion Vulnerability OSSIM Two Cross-Site Scripting Vulnerabilities OSSIM Cross-Site Scripting and SQL Injection Vulnerabilities 2daybiz Multi Level Marketing Software Cross-Site Scripting and SQL Injection Vulnerabilities Saurus CMS Multiple Vulnerabilities Collabtive Multiple Vulnerabilities McAfee ePolicy Orchestrator Multiple Cross-Site Scripting Vulnerabilities Alkacon OpenCms Multiple Cross-Site Scripting Vulnerabilities OpenX Two Cross-Site Scripting Vulnerabilities WordPress Category Grid View Gallery Plugin "ID" Cross-Site Scripting Vulnerability Xorbin Multiple Products "widgetUrl" Cross-Site Scripting Vulnerability Motion Cross-Site Scripting and Request Forgery Vulnerabilities Xaraya Two Cross-Site Scripting Vulnerabilities Linksys E1200 Router "submit_button" Cross-Site Scripting Vulnerability Caucho Resin URL Cross-Site Scripting Vulnerability Telaen Open Redirection Weakness and "f_email" Cross-Site Scripting Vulnerability WordPress ADIF Log Search Widget Plugin "call" Cross-Site Scripting Vulnerability WordPress GRAND FlAGallery Plugin "s" Cross-Site Scripting Vulnerability NetIQ Access Manager Identity Server "Ecom_User_ID" Cross-Site Scripting Vulnerabilities Matterdaddy Market Cross-Site Scripting and SQL Injection Vulnerabilities WordPress Spider Catalog Plugin Cross-Site Scripting and SQL Injection Vulnerabilities WordPress Spider Event Calendar Plugin Security Bypass and Cross-Site Scripting Vulnerabilities Ajax Availability Calendar Multiple Vulnerabilities WordPress Newsletter Plugin "alert" Cross-Site Scripting Vulnerability NetApp OnCommand System Manager "domain-name" and "value" Cross-Site Scripting Vulnerabilities Brother MFC-9970CDW "id" Cross-Site Scripting Vulnerability WordPress Securimage-WP Plugin URL Cross-Site Scripting Vulnerability GetSimple CMS Multiple Vulnerabilities Matrix42 Service Store Cross-Site Scripting Vulnerability WordPress WP Symposium Plugin "u" Cross-Site Scripting Vulnerability Hero Framework "error" Cross-Site Scripting Vulnerability ZAPms "pid" SQL Injection Vulnerability Microsoft Products HTML Sanitisation Component Cross-Site Scripting Vulnerability Zimbra Collaboration Server "dictionary" Cross-Site Scripting Vulnerability WordPress Traffic Analyzer Plugin Two Cross-Site Scripting Vulnerabilities WordPress Feedweb Plugin "wp_post_id" Cross-Site Scripting Vulnerability Atmail WebMail File Name Cross-Site Scripting Vulnerability zClip ZeroClipboard "id" Cross-Site Scripting Vulnerability WordPress WP Banners Lite Plugin "cid" Cross-Site Scripting Vulnerability Jaow CMS "add_ons" Cross-Site Scripting Vulnerability daloRADIUS "error" Two Cross-Site Scripting Vulnerabilities daloRADIUS Multiple Vulnerabilities Scripteen Fun Photo Script Two Cross-Site Scripting Vulnerabilities Dolphin swfupload Two Cross-Site Scripting Vulnerabilities Dotclear Multiple Vulnerabilities InstantCMS swfupload Two Cross-Site Scripting Vulnerabilities WordPress BP Code Snippets Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Click to Copy Grab Box Plugin ZeroClipboard Two Cross-Site Scripting Vulnerabilities WordPress SlideDeck 2 Lite Responsive Content Slider Plugin ZeroClipboard Two Cross-Site Scripting WordPress WP Clone by WP Academy Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress PayPal Digital Goods Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Tiny URL Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Buckets Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Cleeng Plug & Go Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress GeSHi Source Colorer Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress JC Coupon Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress MobileView Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Zopim Live Chat Plugin ZeroClipboard Cross-Site Scripting Vulnerability WordPress Snazzy Archives Plugin "tagcloud" Cross-Site Scripting Vulnerability WordPress VKontakte API Plugin "tagcloud" Cross-Site Scripting Vulnerability Your Own Classifieds Cross-Site Scripting Vulnerability HP Intelligent Management Center Multiple Vulnerabilities Batavi Arbitrary Parameter Name Cross-Site Scripting Vulnerability TP-LINK TL-WA701ND Directory Traversal and Cross-Site Request Forgery Vulnerabilities Nconf Path Disclosure Weakness and Cross-Site Scripting Vulnerability WordPress Uploader Plugin Cross-Site Scripting and Arbitrary File Upload Vulnerabilities PHP-Fusion Multiple SQL Injection and Cross-Site Scripting Vulnerabilities EasyWebScripts eBay Clone Script Multiple Cross-Site Scripting and SQL Injection Vulnerabilities glFusion Multiple Cross-Site Scripting Vulnerabilities SonarSource Sonar Multiple Cross-Site Scripting Vulnerabilities Squirrelcart "table" Cross-Site Scripting Vulnerability MIMEsweeper for SMTP Error Message Cross-Site Scripting Vulnerability OpenEMR Multiple Vulnerabilities AbanteCart Multiple Cross-Site Scripting Vulnerabilities Newscoop URL Cross-Site Scripting Vulnerability WordPress Pinboard Theme "tab" Cross-Site Scripting Vulnerability Ganglia Web Multiple Cross-Site Scripting Vulnerabilities ezStats2 for Battlefield 3 Information Disclosure and Cross-Site Scripting Vulnerabilities SiteGo Multiple Vulnerabilities AdaptCMS Multiple Vulnerabilities Cisco Unity Express Cross-Site Scripting and Request Forgery Vulnerabilities Netgear SPH200D Cross-Site Scripting Vulnerability WordPress WP e-Commerce Plugin "cart_messages[]" Cross-Site Scripting Vulnerability Perforce Web Client (P4Web) Multiple Cross-Site Scripting Vulnerabilities gpEasy CMS "section" Cross-Site Scripting Vulnerability Classified Ultra "cname" Cross-Site Scripting and "c" SQL Injection Vulnerabilities phpCAS Certificate Verification Security Issue Quick.Cart admin.php URL Cross-Site Scripting Vulnerability Quick.Cms admin.php URL Cross-Site Scripting Vulnerability Microsoft System Center Operations Manager Cross-Site Scripting Vulnerabilities Website Baker Concert Calendar Add-on Cross-Site Scripting and SQL Injection Vulnerabilities cPanel Multiple Cross-Site Scripting Vulnerabilities ManageEngine MSP Center Plus Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities Elastix Two Local File Inclusion Vulnerabilities Greenstone Information Disclosure and Cross-Site Scripting Vulnerabilities WordPress WooCommerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability dotProject "date" Cross-Site Scripting Vulnerability Baby Gekko Multiple Cross-Site Scripting Vulnerabilities Myrephp Business Directory "look" Cross-Site Scripting Vulnerability The FAQ Manager Two SQL Injection Vulnerabilities Intramaps Multiple Vulnerabilities ZPanel Cross-Site Request Forgery and SQL Injection Vulnerabilities bitweaver Multiple Cross-Site Scripting Vulnerabilities VaM Shop Multiple Vulnerabilities Joomla! Freestyle Support Component "prodid" SQL Injection Vulnerability Subrion CMS Cross-Site Scripting and SQL Injection vulnerabilities AContent Security Bypass and SQL Injection Vulnerabilities AContent Cross-Site Scripting and SQL Injection Vulnerabilities vBSEO "u" Cross-Site Scripting Vulnerability OpenX Cross-Site Scripting and SQL Injection Vulnerabilities Microsoft SQL Server Cross-Site Scripting Vulnerability Icy Phoenix Two Cross-Site Scripting Vulnerabilities Zenphoto Multiple Vulnerabilities WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities WordPress ABC Test Plugin "id" Cross-Site Scripting Vulnerability Wordpress Token Manager Plugin "tid" Cross-Site Scripting Vulnerabilities Fortinet FortiOS (FortiGate) Two Cross-Site Scripting Vulnerabilities TorrentTrader Cross-Site Scripting and SQL Injection Vulnerabilities WordPress MF Gig Calendar Plugin URL Cross-Site Scripting Vulnerability webERP Multiple Vulnerabilities LuxCal Web Calendar Multiple Vulnerabilities TCExam Cross-Site Scripting and SQL Injection Vulnerabilities ViciDial Asterisk GUI Client Two Cross-Site Scripting Vulnerabilities Openfiler Multiple Vulnerabilities Kayako Fusion URL PHPExcel Cross-Site Scripting Vulnerability phpFox "message" Cross-Site Scripting Vulnerability TomatoCart "processForm()" Cross-Site Scripting Vulnerability Phorum Multiple Cross-Site Scripting Vulnerabilities Chamilo Multiple Vulnerabilities OrderSys Two Cross-Site Scripting Vulnerabilities SaltOS URL PHPExcel Cross-Site Scripting Vulnerability ManageEngine OpStor SQL Injection and Cross-Site Scripting Vulnerabilities Flynax General Classifieds Multiple Cross-Site Scripting Vulnerabilities phplist "unconfirmed" Cross-Site Scripting Vulnerability LISTSERV "SHOWTPL" Cross-Site Scripting Vulnerability Baby Gekko URL Cross-Site Scripting Vulnerability InterPhoto Gallery Cross-Site Scripting and Local File Inclusion Vulnerabilities ntop "arbfile" Cross-Site Scripting Vulnerability Mahara Script Insertion and Cross-Site Scripting Vulnerabilities 100 last CVE   CVE-2018-7717 CVE-2018-17397 CVE-2018-17394 CVE-2018-17385 CVE-2018-17384 CVE-2018-17383 CVE-2018-17382 CVE-2018-17380 CVE-2018-17379 CVE-2018-17378 CVE-2018-17377 CVE-2018-17376 CVE-2018-17375 CVE-2017-9337 CVE-2017-9336 CVE-2017-8917 CVE-2017-6098 CVE-2017-6097 CVE-2017-6096 CVE-2017-6095 CVE-2017-2550 CVE-2017-2168 CVE-2017-18345 CVE-2017-17900 CVE-2017-17899 CVE-2017-17898 CVE-2017-17897 CVE-2017-15966 CVE-2017-15965 CVE-2017-1002022 CVE-2017-1002021 CVE-2017-1002020 CVE-2017-1002019 CVE-2017-1002018 CVE-2017-1002017 CVE-2016-8583 CVE-2016-8582 CVE-2016-8581 CVE-2016-8580 CVE-2016-6453 CVE-2016-5099 CVE-2016-5098 CVE-2016-5097 CVE-2016-4999 CVE-2016-3659 CVE-2016-3172 CVE-2016-1915 CVE-2016-1914 CVE-2016-1437 CVE-2016-10134 CVE-2016-1000271 CVE-2016-1000124 CVE-2016-0770 CVE-2016-0769 CVE-2016-0765 CVE-2015-8399 CVE-2015-8398 CVE-2015-8377 CVE-2015-8369 CVE-2015-7670 CVE-2015-7669 CVE-2015-7668 CVE-2015-7667 CVE-2015-7666 CVE-2015-7604 CVE-2015-7527 CVE-2015-7517 CVE-2015-7391 CVE-2015-7390 CVE-2015-7357 CVE-2015-7320 CVE-2015-7319 CVE-2015-6737 CVE-2015-6736 CVE-2015-6735 CVE-2015-6734 CVE-2015-6733 CVE-2015-6732 CVE-2015-6731 CVE-2015-6730 CVE-2015-6729 CVE-2015-6728 CVE-2015-6727 CVE-2015-6238 CVE-2015-5227 CVE-2015-4707 CVE-2015-4706 CVE-2015-2808 CVE-2015-2148 CVE-2015-2147 CVE-2015-2146 CVE-2015-2145 CVE-2015-2144 CVE-2015-2143 CVE-2015-2142 CVE-2015-2015 CVE-2015-2014 CVE-2015-1920 CVE-2015-1916 CVE-2015-0488    Risk level  Moderate