19 matches found
EUVD-2012-5582
Malware in sbrugna...
EUVD-2012-5581
Malware in sbrugna...
CVE-2012-5699
BabyGekko before 1.2.4 allows PHP file inclusion...
CVE-2012-5698
BabyGekko before 1.2.4 has SQL injection...
CVE-2012-5698
BabyGekko before 1.2.4 has SQL injection...
CVE-2012-5699
BabyGekko before 1.2.4 allows PHP file inclusion...
Sql injection
BabyGekko before 1.2.4 has SQL injection...
Arbitrary file deletion
BabyGekko before 1.2.4 allows PHP file inclusion...
CVE-2012-5698
BabyGekko before 1.2.4 has SQL injection...
CVE-2012-5698
CVE-2012-5698 (BabyGekko) has concrete details: multiple vulnerabilities in 1.2.x families. SQL Injection in admin/index.php when app=users (keyword) and login CSRF possibility, plus SQL injection via admin/index.php (query) and remote-authenticated user vectors; Local File Inclusion (CVE-2012-56...
CVE-2012-5699
CVE-2012-5699 affects BabyGekko prior to 1.2.4, with multiple vulnerabilities including PHP File Inclusion (LFI via index.php, app parameter), SQL Injection (CSRF-enabled in admin/index.php with app=users or similar), and XSS (in admin/index.php and templates). Root cause: insufficient input vali...
CVE-2012-5699
BabyGekko before 1.2.4 allows PHP file inclusion...
BabyGekko 1.2.2e Multiple Vulnerabilities
No description provided by source. Advisory ID: HTB23122 Product: BabyGekko Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch: November 4, 2012 Public Disclosure: November 14, 2012 Vulnerability Type: SQL...
Multiple vulnerabilities in BabyGekko
Advisory ID: HTB23122 Product: BabyGekko Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch: November 4, 2012 Public Disclosure: November 14, 2012 Vulnerability Type: SQL Injection CWE-89, PHP File Inclusi...
BabyGekko 1.2.2e - Multiple Vulnerabilities
Advisory ID: HTB23122 Product: BabyGekko Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch: November 4, 2012 Public Disclosure: November 14, 2012 Vulnerability Type: SQL Injection CWE-89, PHP File Inclusi...
BabyGekko 1.2.2e XSS / LFI / SQL Injection Vulnerabilities
BabyGekko version 1.2.2e suffers from cross site scripting, local file inclusion, and remote SQL injection vulnerabilities. Product: BabyGekko 1.2.2e Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch:...
BabyGekko 1.2.2e - Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities Advisory ID: HTB23122 Product: BabyGekko Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch: November 4, 2012 Public Disclosure: November 14, 2012 Vulnerability...
BabyGekko 1.2.2e XSS / LFI / SQL Injection
Advisory ID: HTB23122 Product: BabyGekko Vendor: babygekko.com Vulnerable Versions: 1.2.2e and probably prior Tested Version: 1.2.2e Vendor Notification: October 24, 2012 Vendor Patch: November 4, 2012 Public Disclosure: November 14, 2012 Vulnerability Type: SQL Injection CWE-89, PHP File Inclusi...
Multiple vulnerabilities in BabyGekko
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in BabyGekko, which can be exploited to include local PHP files, perform SQL Injection and Cross-Site Scripting XSS attacks. 1 Multiple SQL Injections in BabyGekko: CVE-2012-5698 Two SQL injections exist in BabyGekko...