CVE-2008-5488

SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter...

CVE-2008-5125

admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin...

CVE-2008-5123

SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter...

Sql injection

SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter...

Authentication flaw

admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin...

CVE-2008-5123

CVE-2008-5123 affects CCleague Pro 1.2. The vulnerability is a SQL injection in admin.php where the u parameter allows remote attackers to execute arbitrary SQL commands. Documented impact indicates partial confidentiality, integrity, and availability. No explicit patch/version remediation is pro...

CVE-2008-5125

CCleague Pro 1.2 is affected; admin.php allows remote authentication bypass by setting the type cookie value to admin. Root cause: insufficient validation of the type cookie enabling access to privileged state. Impact per sources is partial confidentiality, integrity, and availability concerns du...

CVE-2008-5125

admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin...

Sql injection

SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to 1 profiles/index.php and 2 profiles/admin.php...

TurnkeyForms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection

turnkeyforms Text Link Sales Remote Sql inj & xss ---------------------------------------------------------- Discovered By: ZoRLu Date: 14.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : my bug number now: 43 my target bug number...

CVE-2008-4913

CVE-2008-4913: LokiCMS (versions 0.3.3 and earlier) contains a directory traversal flaw in admin.php where an attacker can use a .. in the delete parameter to delete arbitrary files. The connected documents confirm the affected product/version and the underlying cause (directory traversal) but do...

CVE-2008-4913

Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. dot dot in the delete parameter...

maranphpshop-insecure.txt

Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk...

CVE-2008-4901

SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter...

CVE-2008-4901

The CVE-2008-4901 entry documents a SQL injection in Article Publisher Pro 1.5. Affected component: admin/admin.php, parameter username. Root cause is improper handling of user-supplied input enabling arbitrary SQL execution by remote attackers. Impact is partial confidentiality, integrity, and a...

Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability

No description provided by source. Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational...

Maran PHP Shop - admin.php Insecure Cookie Handling

Maran PHP Shop - admin.php Insecure Cookie Handling Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was writte...

Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ================================================================= Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability ================================================================= Maran PHP Shop admin.php Insecure Cookie...

Maran PHP Shop - 'admin.php' Insecure Cookie Handling

Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk...

CVE-2008-4877

SQL injection vulnerability in admin.php in WebCards 1.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information...