CVE-2009-2023

CVE-2009-2023 affects Shop-Script Pro 2.12. The vulnerability is a SQL injection in index.php that is exploitable when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands via the current_currency parameter. The description is consistent across NVD, CVE List, ...

CVE-2009-2018

CVE-2009-2018 is a SQL injection vulnerability in the admin/index.php of Jared Eckersley’s MyCars. When magic_quotes_gpc is disabled, an attacker can craft the authuserid parameter to execute arbitrary SQL commands. The NVD entry rates it as a Medium impact (CVSSv2 6.8) with partial impact on con...

phpBugTracker 'index.php' SQL Injection Vulnerability

The host is running phpBugTracker and is prone to SQL Injection Vulnerability. OpenVAS Vulnerability Test $Id: gbphpbugtrackersqlinjvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ phpBugTracker 'index.php' SQL Injection Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Network...

CVE-2009-2010

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 thread parameter to messageboard.php, 2 member parameter to profile.php, 3 pid parameter to gallery/index.php, and the 4...

Shop Script Pro 2.12 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================= Shop Script Pro 2.12 Remote SQL Injection Exploit ================================================= !/usr/bin/perl =about VENDOR Shop Script Pro 2.12 maybe other versions vulnerable too...

Supernews 2.6 - index.php?noticia SQL Injection

Supernews 2.6 - index.php?noticia SQL Injection Supernews 2.6 SQL Injection Vulnability Download: http://phpbrasil.com/script-download/vT0FaOCySSH/5817 Discovered by Observing and DD3str0y3r Collaps3 CREW - Made In Brazil Dork: Supernews 2.6 Example:...

Podcast Generator 1.2 - Unauthorized Re-Installation

$file.$ext $Ldeleted"; / Explanation code snippet above points ----------------------------------------------------------------------------------- 1. blocks all 'amilogged' REQUEST variables,what about GLOBALS?,therefore useless! 2. if 'amilogged' isn't true - exit function activated. 3. unlink...

Open-school 1.0 (id) Remote SQL Injection Vulnerability

No description provided by source. Cms : Open-school Version : 1.0 Archivo : Index.php Parametro : id Sitio :http://open-school.org Url Vulnz :http://site.com/index.php?module=osnews&view=show&id=SQLI Demo Injection: Admin User,Pass:...

Sql injection

SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter...

Sql injection

Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA aka 2.0.0b and earlier allow remote attackers to execute arbitrary SQL commands via the 1 f and 2 t parameters in a showforum action...

CVE-2009-1848

SQL injection vulnerability in the JoomlaMe AgoraGroups aka AG or comagoragroup component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php...

CVE-2009-1850

SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter...

Open-school 1.0 - 'id' SQL Injection

Cms : Open-school Version : 1.0 Archivo : Index.php Parametro : id Sitio :http://open-school.org Url Vulnz :http://site.com/index.php?module=osnews&view=show&id=SQLI Demo Injection: Admin User,Pass:...

Online Grades & Attendance 3.2.6 - Multiple SQL Injections

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | MULTIPLE SQL...

Open-school 1.0 (id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ======================================================= Open-school 1.0 id Remote SQL Injection Vulnerability ======================================================= Cms : Open-school Version : 1.0 Archivo : Index.php Parametro : id Sitio...

Open-school 1.0 - id SQL Injection

Open-school 1.0 - id SQL Injection Cms : Open-school Version : 1.0 Archivo : Index.php Parametro : id Sitio :http://open-school.org Url Vulnz :http://site.com/index.php?module=osnews&view=show&id=SQLI Demo Injection: Admin User,Pass:...

CVE-2009-1813

Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via 1 the uNev parameter aka the username field or 2 the uJelszo parameter aka the Password field...

CVE-2009-1813

CVE-2009-1813 affects Submitter Script 2, specifically the admin/index.php component. It is vulnerable to SQL injection through two parameters, uNev (username) and uJelszo (password), allowing remote attackers to execute arbitrary SQL commands. The NVD entry lists a CVSS v2 base score of 7.5 (HIG...

CVE-2009-1804

Multiple SQL injection vulnerabilities in admin/index.php in VideoScript.us YouTube Video Script allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2009-1801

Multiple cross-site scripting XSS vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the 1 display parameter to reports.php, the 2 order and 3 extdisplay parameters to config.php, and the 4 so...