35 matches found
EUVD-2005-1033
Malware in sbrugna...
EUVD-2009-4404
Malware in sbrugna...
EUVD-2005-1032
Malware in sbrugna...
MAL-2024-8864 Malicious code in create-auction-house (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2211dcc1cfcd557e8c971ec03d126ef506517e91d0037f89be0bfb34265f0b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in create-auction-house (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2211dcc1cfcd557e8c971ec03d126ef506517e91d0037f89be0bfb34265f0b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CultureIndex.sol#_vote() - Creators of certain piece can vote for their piece
Lines of code Vulnerability details Impact In CultureIndex there is a function vote that allows users to vote for a piece to get sold on the auction house. Each piece has creators that get cut of the sale. The problem is that there is no checks if the user voting for a certain piece is it's own...
Active Auction House Default.ASP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13032/info Active Auction House is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL querie...
Active Auction House ItemInfo.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13034/info Active Auction House is reportedly affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in a SQL query. Successfu...
Active Auction House start.asp ReturnURL Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13036/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
Active Auction House Sendpassword.ASP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13038/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
Active Auction House WatchThisItem.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13039/info Active Auction House is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...
Active Auction House 3.6 - Blind SQL Injection Vulnerability
No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: wishlist.asp catid Blind SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Auction House v 3.6 author: R3d-D3v!L Date: 17.dec.2009 T!ME: 10:...
Active Bids search.asp search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allow...
Sql injection
Multiple SQL injection vulnerabilities in Active Auction House 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to wishlist.asp and the 2 linkid parameter to links.asp. NOTE: vector 1 might overlap CVE-2005-1029.1...
CVE-2009-4437
Multiple SQL injection vulnerabilities in Active Auction House 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to wishlist.asp and the 2 linkid parameter to links.asp. NOTE: vector 1 might overlap CVE-2005-1029.1...
CVE-2009-4437
CVE-2009-4437 affects Active Auction House 3.6. It has multiple SQL injection vulnerabilities allowing remote attackers to execute arbitrary SQL via the catid parameter to wishlist.asp and the linkid parameter to links.asp (vector 1 may overlap CVE-2005-1029). The description notes the issue is i...
Active Auction House 3.6 Blind SQL Injection
? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: wishlist.asp catid Blind SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Auction House v 3.6 author: R3d-D3v!L Date: 17.dec.2009 T!ME: 10:06 pm ? Home: WwW.xP10.ME ? contact...
Active Auction House v 3.6 Blind SQL Injection Vulnerability
No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: wishlist.asp catid Blind SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Auction House v 3.6 author: R3d-D3v!L Date: 17.dec.2009 T!ME: 10:...
Active Auction House 3.6 - Blind SQL Injection
Active Auction House 3.6 - Blind SQL Injection ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: wishlist.asp catid Blind SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Auction House v 3.6 author: R3d-D3v!L Date: 17.dec.20...
Active Auction House v 3.6 Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================ Active Auction House v 3.6 Blind SQL Injection Vulnerability ============================================================ ? ?????????????????????????In The Name Of Allah The...