17 matches found
EUVD-2007-3921
Malware in sbrugna...
EUVD-2007-3920
Malware in sbrugna...
A-shop <= 0.70 Remote File Deletion Vulnerability
No description provided by source. A-shop =0.70 Multiple vulnerabilities Found Bug: Timq site:http://private-node.net email:[email protected] Vendor:http://www.rammdev.com/ashop/ PoC: http://site.com/admin/filebrowser.asp?folder=products&delfiles=del any file on server It is possible to delete no...
Sql injection
Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2007-3937
Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Directory traversal
Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter...
CVE-2007-3936
Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter...
CVE-2007-3937
Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2007-3936
Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter...
CVE-2007-3937
CVE-2007-3937 concerns Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier. The available sources indicate that unsanitized inputs in the application allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software: A-shop (version 0.70 and earlier...
CVE-2007-3936
CVE-2007-3936 describes a directory traversal vulnerability in admin/filebrowser.asp of the A-shop software, affecting version 0.70 and earlier, and possibly 0.71. The issue allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. The connec...
A-shop 0.70 Remote File Deletion Vulnerability
No description provided by source. A-shop =0.70 Multiple vulnerabilities Found Bug: Timq site:http://private-node.net email:[email protected] Vendor:http://www.rammdev.com/ashop/ PoC: http://site.com/admin/filebrowser.asp?folder=products&delfiles=del any file on server It is possible to delete no...
ashop-multi.txt
A-shop =0.70 Multiple vulnerabilities Found Bug: Timq site:http://private-node.net email:[email protected] Vendor:http://www.rammdev.com/ashop/ PoC: http://site.com/admin/filebrowser.asp?folder=products&delfiles=del any file on server It is possible to delete not only the files in the folders...
A-shop 0.70 - Remote File Deletion
A-shop 0.70 - Remote File Deletion A-shop =0.70 Multiple vulnerabilities Found Bug: Timq site:http://private-node.net email:[email protected] Vendor:http://www.rammdev.com/ashop/ PoC: http://site.com/admin/filebrowser.asp?folder=products&delfiles=del any file on server It is possible to delete no...
A-shop 0.70 - Remote File Deletion
A-shop =0.70 Multiple vulnerabilities Found Bug: Timq site:http://private-node.net email:[email protected] Vendor:http://www.rammdev.com/ashop/ PoC: http://site.com/admin/filebrowser.asp?folder=products&delfiles=del any file on server It is possible to delete not only the files in the folders...
A-shop <= 0.70 Remote File Deletion Vulnerability
Exploit for asp platform in category web applications ================================================= A-shop = 0.70 Remote File Deletion Vulnerability ================================================= A-shop =0.70 Multiple vulnerabilities Found Bug: Timq Vendor:http://www.rammdev.com/ashop/ PoC...
A-shop v0.70 SQL INECTION
Product : A-shop Version : v0.70 Vulnerability : SQL INJECTION http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='SQLINJECTION'&cmdSearch=Search Example ; http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='unionselect201,1,1,120from20users'&cmdSearch=Sear...