E-Xoops 1.0.5/1.0.8 adresses/ratefile.php lid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

bcoos 1.0.10 Adresses/Ratefile.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26664/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromi...

E-Xoop SQL注入漏洞

E-Xoops是一款WEB应用程序。 E-Xoops不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 E-Xoops E-Xoops 1.0.8 E-Xoops E-Xoops 1.0.5 Rev3 E-Xoops E-Xoops 1.0.5 Rev2 E-Xoops E-Xoops 1.0.5 Rev1 目前没有解决方案提供： http://phpxref.com/xref/exoops/nav.html...

bcoos-sql.txt

Bcoops adresses/ratefile.php lid variable SQL injection vendor url: http://www.bcoops.net Advisore: http://lostmon.blogspot.com/2007/11/ bcoops-adressesratefilephp-lid-variable.html vendor notify:NO exploits available: YES bcoos is content-community management system written in PHP-MySQL. bcoops...