24 matches found
EUVD-2001-0422
Malware in sbrugna...
EUVD-2001-1207
Malware in sbrugna...
EUVD-2000-1146
Malware in sbrugna...
EUVD-2001-1034
Malware in sbrugna...
Adcycle 0.77/0.78 AdLibrary.pm Session Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2393/info Adcycle is a package of perl scripts available from Adcycle.com. The scripts are designed to manage banner ad rotation through a web interface, backended with a MySQL database. A problem with the suite could all...
Adcycle build.cgi Remote Password Disclosure
The CGI 'build.cgi' is installed. This CGI has a well known security flaw that lets an attacker obtain the password of the remote AdCycle database or delete databases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
AdCycle does not adequately validate user input thereby allowing for SQL injection
Overview AdCycle does not adequately filter user input, allowing remote attackers to execute arbitrary MySQL queries. Description AdCycle is a shareware banner ad management system written in Perl and designed to work with a MySQL database. AdCycle does not adequately filter multiple unspecified...
CVE-2001-1053
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument...
CVE-2001-1053
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument. Affected component: AdLogin.pm in AdCycle. Impact: authentication bypass and privileges escalation (confidentiality, integrity, and availabi...
CVE-2001-1226
CVE-2001-1226 affects AdCycle 1.17 and earlier. The vulnerability arises because user input is not adequately filtered before being used in MySQL queries, enabling remote attackers to execute arbitrary SQL and potentially read or modify data. The CERT/CC advisory confirms the issue and notes no p...
CVE-2001-1226
AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database...
CVE-2001-1226
AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database...
AdCycle SQL Command Insertion Vulnerability - qDefense Advisory Number QDAV-2001-7-2
AdCycle SQL Command Insertion Vulnerability qDefense Advisory Number QDAV-2001-7-2 Product: AdCycle Vendor: AdCyle http://adcycle.com Severity: Remote; Attacker may gain AdCycle administrator status Versions Affected: Versions up to and including 1.15 Vendor Status: Vendor contacted; has released...
Дырка в AdCycle
Недостаточная проверка ввода опльзователя при составлении SQL-запроса...
CVE-2001-1053
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument...
CVE-2001-0425
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information...
CVE-2001-0425
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information...
CVE-2001-0425
CVE-2001-0425 affects AdLibrary.pm in AdCycle 0.78b. The vulnerability stems from a malformed Agent: header in HTTP requests, which is inserted into a login-verification SQL query, enabling remote attackers to gain privileges. Documents explicitly describe the component and the root cause (SQL in...
Adcycle 0.78b Authentication
|---------------------------------------------------------------------------------| / Product: Adcycle Banner Rotation. Vendor URL: www.adcycle.com / Tested on: v0.77 - 0.78b Freeware Linux Vendor Contact: Mailed on 15th January i think Twice with NO reply / Other: Commericial version NOT tested...
Adcycle 0.77/0.78 - AdLibrary.pm Session Access
source: https://www.securityfocus.com/bid/2393/info Adcycle is a package of perl scripts available from Adcycle.com. The scripts are designed to manage banner ad rotation through a web interface, backended with a MySQL database. A problem with the suite could allow remote execution of commands. T...