16 matches found
EUVD-2008-3542
Malware in sbrugna...
EUVD-2008-2517
Malware in sbrugna...
Battle.net Clan Script <= 1.5.x Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w download script : http://sourceforge.net/project/showfiles.php?groupid=142506&packageid=156487 Battle.net Clan Script = 1.5.x - Remote SQL Inj Exploit Founded by : Stack-Terrorist v40 Contact: Ev!L Greetz : Houssamix & All muslims HaCkeRs : Fuc...
Sql injection
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the 1 showmember parameter in a members action and the 2 thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522...
CVE-2008-3556
CVE-2008-3556 covers multiple SQL injection vulnerabilities in index.php of Battle.net Clan Script 1.5.2. Exploitation targets include the showmember parameter in the members action and the thread parameter in the board action, enabling remote execution of arbitrary SQL commands. The entry notes ...
CVE-2008-3556
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the 1 showmember parameter in a members action and the 2 thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522...
Battle.net Clan Script 1.5.x - index.php Multiple SQL Injections
Battle.net Clan Script 1.5.x - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/30565/info Battle.net Clan Script is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting...
CVE-2008-2522
The CVE-2008-2522 entry concerns SQL injection in members.php of Battle.net Clan Script for PHP 1.5.3 and earlier. When magic_quotes_gpc is disabled, remote attackers can inject SQL through the showmember parameter in a members action. The NVD note specifies a CVSS v2 base score of 6.8 (Network a...
Battle.net Clan脚本members.php文件SQL注入漏洞
BUGTRAQ ID: 29166 Battle.net clan管理系统使用MySQL后端,允许用户方便的升级和维护web站点。 Battle.net Clan脚本的members.php文件没有正确地过滤对showmember参数的输入便在SQL查询中使用,如果将page参数设置为members的话,这允许远程攻击者通过控制SQL查询请求执行SQL注入攻击。成功攻击要求禁用了magicquotesgpc。 ryanhowdy Battle.net clan 1.5.3 ryanhowdy ---------...
Battle.net Clan Script <= 1.5.x Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================= Clan Script div Members Rank Member Name Email Date Joined ?phpmysqlselectdb$mysqldb or diemysqlerror; $sql = 'SELECT bcsmembers.id, bcsmembers.name, bcsmembers.email, bcsmembers.date,...
Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability
script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass'; ..... ..... ..... line 21--...
CVE-2007-1909
The CVE-2007-1909 entry refers to a SQL injection vulnerability in the Battle.net Clan Script for PHP (version 1.5.1 and earlier). The flaw is in login.php and allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter. This can impact confidentiality, integr...
battlenet-sql.txt
script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass'; ..... ..... ..... line 21--...
Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================================= Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability ======================================================================= script : Battle.net Cla...
Battle.net Clan Script for PHP 1.5.1 - SQL Injection
Battle.net Clan Script for PHP 1.5.1 - SQL Injection script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass ...
Battle.net Clan Script for PHP 1.5.1 - SQL Injection
script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass'; ..... ..... ..... line 21--...