EUVD-2008-4129

Malware in sbrugna...

EUVD-2008-4128

Malware in sbrugna...

addalink <= 4 Write Approved Links Remote Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= addalink = 4 - beta / Write approved links without a previous moderation by the admin -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $...

CVE-2008-4145

SQL injection vulnerability in userreadlinks.php in Addalink 1.0 beta 4 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...

CVE-2008-4146

Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...

Sql injection

SQL injection vulnerability in userreadlinks.php in Addalink 1.0 beta 4 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...

Code injection

Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...

CVE-2008-4145

SQL injection vulnerability in userreadlinks.php in Addalink 1.0 beta 4 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...

CVE-2008-4146

Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...

CVE-2008-4145

CVE-2008-4145 describes an SQL injection in Addalink 1.0 beta 4 and earlier, exploitable when magic_quotes_gpc is disabled. The vulnerability affects user_read_links.php via the category_id parameter, allowing remote command execution with partial confidentiality, integrity, and availability impa...

CVE-2008-4146

Affected software: Addalink 1.0 beta 4 and earlier. Vulnerable component/function: website configuration fields processed by Addalink that allow remote modification. Root cause/impact: an attacker can remotely alter the approved field to approve site additions and modify the counter field to chan...

addalink-wal.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= addalink eNYe-Sec - www.enye-sec.org Linklist is a miniwebsite that you can use in your webpage. Basically it manages a database of links using PHP+MySQL. Users can send links url, description, etc by a form an...

addalink <= 4 Write Approved Links Remote Vulnerability

Exploit for unknown platform in category web applications ======================================================= addalink = 4 Write Approved Links Remote Vulnerability =======================================================...

addalink 4 Beta - Write Approved Links

addalink 4 Beta - Write Approved Links -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= addalink eNYe-Sec - www.enye-sec.org Linklist is a miniwebsite that you can use in your webpage. Basically it manages a database of links using PHP+MySQL. Users can send...