12 matches found
EUVD-2012-5774
Malware in sbrugna...
EUVD-2021-11311
Malware in sbrugna...
SQL injection
The checkorder function of The Sorter WordPress plugin through 1.0 uses an areaid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...
WordPress SQL Injection Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in Sorter WordPress plugin 1.0 and earlier versions, which stems fro...
OpenExpert 0.5.17 Cross Site Scripting
Title : Openexpert 0.5.17 - Cross Site Scripting Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/ About The Product : OpenExpert. Dual use Web base...
OpenExpert 0.5.17 SQL Injection
Title : Openexpert 0.5.17 - Sql Injection Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/ About The Product : OpenExpert. Dual use Web based and...
Openexpert 0.5.17 - area_id SQL Injection
Openexpert 0.5.17 - areaid SQL Injection Title : Openexpert 0.5.17 - Sql Injection Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/ About The Produ...
Openexpert 0.5.17 - SQL Injection Vulnerability
Exploit for php platform in category web applications Title : Openexpert 0.5.17 - Sql Injection Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/...
Openexpert 0.5.17 - 'area_id' SQL Injection
Title : Openexpert 0.5.17 - Sql Injection Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/ About The Product : OpenExpert. Dual use Web based and...
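Diyou P2P Lending System SQL Injection, All Versions #1
Brief description: =。= Details: Module: province/city linked-selection plugin (affects all of V4.0, 3.1). A province/city linked-selection plugin that reads its data from the database through the backend; simply casting the province/city/district variables to int is enough! Location:./?plugins&q=areas&areaid=174 http://www.diyou.cc/?plugins&q=areas&areaid=174 The GET parameter areaid is not effectively filtered, which leads to injection. This is a notice that an injection point exists; no further testing was done, please fix it quickly, quickly, quickly! python sqlmap.py -u "http://www.diyou.cc/?plugins&q=areas&areaid=174" -p "areaid"...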
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) OBID parameter in a single action to admin/action/objects.php, (2) AREAID parameter in a single action to admin/action/areas.php, or (3) start parameter in a show action...
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) OBID parameter in a single action to admin/action/objects.php, (2) AREAID parameter in a single action to admin/action/areas.php, or (3) start parameter in a show action...