20 matches found
EUVD-2005-2065
Malware in sbrugna...
EUVD-2005-2064
Malware in sbrugna...
ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection Vulnerability
No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L Date: 18.dec.2009 T!ME: 12:00...
ActiveBuyandSell 6.2 Blind SQL Injection
? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L Date: 18.dec.2009 T!ME: 12:00 am ? Home: WwW.xP10.ME ? contact:...
ActiveBuyandSell 6.2 - buyersend.asp?catid Blind SQL Injection
ActiveBuyandSell 6.2 - buyersend.asp?catid Blind SQL Injection ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L...
ActiveBuyandSell v6.2 (buyersend.asp catid) Blind SQL Injection
Exploit for unknown platform in category web applications ============================================================================= ActiveBuyandSell v6.2 buyersend.asp catid Blind SQL Injection Vulnerability ============================================================================= ?...
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' Blind SQL Injection
? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L Date: 18.dec.2009 T!ME: 12:00 am ? Home: WwW.xP10.ME ? contact:...
ActiveBuyAndSell BuyerSend.ASP SQL注入漏洞
ActiveBuyAndSell是一款基于ASP的WEB应用程序。 ActiveBuyAndSell不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'BuyerSend.ASP'脚本对用户提交的'catid'参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 Active Web Softwares ActiveBuyandSell 6.2 目前没有解决方案提供: http://activewebsoftwares.com/productinfo.aspx?productid=8&Tabopen=...
ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection Vulnerability
No description provided by source. Title : Active BuyandSell Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.activewebsoftwares.com/demoactivebuyandsell Script Page : http://www.activewebsoftwares.com/productinfo.aspx?productid=8 Vuln. Username :...
ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ====================================================================== ActiveBuyandSell 6.2 buyersend.asp catid SQL Injection Vulnerability ====================================================================== Title : Active BuyandSell...
ActiveBuyandSell 6.2 - buyersend.asp?catid SQL Injection
ActiveBuyandSell 6.2 - buyersend.asp?catid SQL Injection Title : Active BuyandSell Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.activewebsoftwares.com/demoactivebuyandsell Script Page : http://www.activewebsoftwares.com/productinfo.aspx?productid=8 Vuln. Username ...
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' SQL Injection
Title : Active BuyandSell Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.activewebsoftwares.com/demoactivebuyandsell Script Page : http://www.activewebsoftwares.com/productinfo.aspx?productid=8 Vuln. Username :...
CVE-2005-2063
Multiple cross-site scripting XSS vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Title parameter to sendpassword.asp or 2 Keyword field in search.asp...
CVE-2005-2062
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to 1 default.asp or 2 buyersend.asp, 3 Administrator ID field in admin.asp, E-mail field in 4 advertiserstart.asp or 5 buyer.asp, or Keyword field in...
CVE-2005-2063
Multiple cross-site scripting XSS vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Title parameter to sendpassword.asp or 2 Keyword field in search.asp...
CVE-2005-2063
ActiveBuyAndSell 6.2 is affected by multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the Title parameter to sendpassword.asp and (2) the Keyword field in search.asp. The available documents identify the vulnerable...
CVE-2005-2062
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to 1 default.asp or 2 buyersend.asp, 3 Administrator ID field in admin.asp, E-mail field in 4 advertiserstart.asp or 5 buyer.asp, or Keyword field in...
CVE-2005-2062
CVE-2005-2062 affects ActiveBuyAndSell 6.2. Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buye...
Echo Security Advisory 2005.21
--------------------------------------------------------------------------- ECHOADV21$2005 MUltiple Vulnarable In ActiveBuyAndSell --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 24th 2005 Location: Indonesia, Jakarta Web:...
[ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell
--------------------------------------------------------------------------- ECHOADV21$2005 MUltiple Vulnarable In ActiveBuyAndSell --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 24th 2005 Location: Indonesia, Jakarta Web:...