379 matches found
CVE-2006-4976
CVE-2006-4976 : The Date Library in John Lim ADOdb Library for PHP permits remote information disclosure via direct requests to a large set of files across the package. Affected areas include: server.php, adodb-.inc.php (adodb-errorpear.inc.php, adodb-iterator.inc.php, adodb-pear.inc.php, adodb-p...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
Moodle
ADOdb Date Library Full path Bugs
Hello,, ADOdb Date Library, part of the ADOdb abstraction library Full path bugs Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] ADOdb Date Library, part of the ADOdb abstraction library Full path adodb/server.php...
CVE-2006-4618
PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODBDIR parameter...
CVE-2006-4605
The CVE describes a PHP remote file inclusion vulnerability in Longino Jacome php-Revista 1.1.2, exploitable via the adodb parameter in index.php, allowing remote attackers to execute arbitrary PHP code. The NVD entry records a CVSS v2 base score of 7.5 (HIGH) with network attack vector and low a...
CVE-2006-4618
CVE-2006-4618 : PHP remote file inclusion in the ADODB PostgreSQL integration (adodb-postgres7.inc.php) within John Lim ADOdb, potentially affected versions ≤ 4.01, used by Intechnic In-link 2.3.4. An attacker can supply a URL via the ADODB_DIR parameter to execute arbitrary PHP code on the serve...
inlink234.txt
================================================================= in-link =2.3.4 adodb-postgres7.inc.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous By Saudi Hackrz http://www.in-portal.net/...
CVE-2004-2664
The CVE-2004-2664 entry concerns the John Lim ADOdb Library for PHP prior to 4.23. The vulnerability arises when direct requests to certain scripts cause ADODB_DIR to be undefined, leading to an error message that reveals the installation path. This is an information-disclosure flaw that can aid ...
CVE-2004-2664
John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODBDIR, which reveals the installation path in an error message...
CVE-2004-2664
John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODBDIR, which reveals the installation path in an error message...
CVE-2006-4618
PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODBDIR parameter...
In-link <= 2.3.4 (ADODB_DIR) Remote File Include Vulnerabilities
No description provided by source. ================================================================= in-link =2.3.4 adodb-postgres7.inc.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous By Saudi Hackrz...
In-link 2.3.4 - ADODB_DIR Remote File Inclusion
In-link 2.3.4 - ADODBDIR Remote File Inclusion ================================================================= in-link =2.3.4 adodb-postgres7.inc.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous By Saudi Hackrz...
in-link <=2.3.4 (adodb-postgres7.inc.php) Remote File Inclusion Exploit
================================================================= in-link =2.3.4 adodb-postgres7.inc.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous By Saudi Hackrz http://www.in-portal.net/...
In-link 2.3.4 - 'ADODB_DIR' Remote File Inclusion
================================================================= in-link =2.3.4 adodb-postgres7.inc.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous By Saudi Hackrz http://www.in-portal.net/...
Tikiwiki: SQL injection and multiple XSS vulnerabilities
Background Tikiwiki is a web-based groupware and content management system CMS, using PHP, ADOdb and Smarty. Description Tikiwiki fails to properly sanitize user input before processing it, including in SQL statements. Impact An attacker could execute arbitrary SQL statements on the underlying...
ADODB 4.64.7 - Tmssql.php Cross-Site Scripting
ADODB 4.64.7 - Tmssql.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18638/info ADOdb is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...