111 matches found
CVE-2012-4476
CVE-2012-4476 is an XSS vulnerability in the Drupal Drag & Drop Gallery module 6.x. The issue arises in the module’s file handling/uploads logic, with vectors not publicly specified in the provided docs. An advisory notes exploitation exists and that there is no patch; mitigation is to disable an...
SQL injection
SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an...
CVE-2008-4804
The CVE-2008-4804 entry describes an SQL injection in the Gallery module 1.3 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the aid parameter in showalbum (index.php). Affected component: Gallery module 1.3 for PHP-Nuke; root cause: unsanitized input in the showalbum action ...
CVE-2008-4804
SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an...
CVE-2008-4778
SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action...
SQL injection
SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action...
CVE-2008-1425
SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action...
CVE-2008-1425
CVE-2008-1425 is a SQL injection vulnerability in Easy-Clanpage 2.2, affecting the gallery module’s index.php. The flaw allows remote attackers to execute arbitrary SQL commands through the id parameter in a kate action, enabling potentially unauthorized data access or manipulation. Affected soft...
easyclanpage-sql.txt
Easy-Clanpage v2.2 gallery Remote SQL Injection Vulnerability + Author: n3w7u + Mail: [email protected] + Source:...
Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability
No description provided by source. Easy-Clanpage v2.2 gallery Remote SQL Injection Vulnerability + Author: n3w7u + Mail: [email protected] + Source:...
Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Easy-Clanpage 2.2 id Remote SQL Injection Vulnerability...
Easy-Clanpage 2.2 - id SQL Injection
Easy-Clanpage v2.2 gallery Remote SQL Injection Vulnerability + Author: n3w7u + Mail: [email protected] + Source:...
Easy-Clanpage 2.2 - 'id' SQL Injection
Easy-Clanpage v2.2 gallery Remote SQL Injection Vulnerability + Author: n3w7u + Mail: [email protected] + Source:...
MKPortal 1.1 Gallery Module - SQL Injection
source: https://www.securityfocus.com/bid/26860/info MKPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or...
Lanius CMS 1.2.14 GALLERY Module - gid SQL Injection
source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow ...
Lanius CMS 1.2.14 GALLERY Module - 'gid' SQL Injection
source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
CVE-2007-3814
Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the idurlo field in the deleteurlo function in (a) index.php in the urlobox module; the iden field in the (2) updatefile and (3) delfile functions in (b) index.php in the reviews module...
CVE-2007-3814
CVE-2007-3814 documents multiple SQL injection vulnerabilities in MKPortal 1.1.1 that allow remote attackers to execute arbitrary SQL commands through numerous parameters in index.php across several modules (urlobox, reviews, news, gallery, downloads), including idurlo, iden, idnews, idcomm, ide,...
MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit
Exploit for unknown platform in category web applications. MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit <?php / i MkPortal "reviews" and "gallery"...
CVE-2006-3608
The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file...