EUVD-2007-6332

Malware in sbrugna...

EUVD-2007-6243

Malware in sbrugna...

EUVD-2008-2346

Malware in sbrugna...

EUVD-2007-6234

Malware in sbrugna...

EUVD-2007-6242

Malware in sbrugna...

EUVD-2007-6049

Malware in sbrugna...

EUVD-2007-6048

Malware in sbrugna...

EUVD-2007-5085

Malware in sbrugna...

EUVD-2008-6351

Malware in sbrugna...

bcoos 1.0.10 Arcade Module Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25790/info The 'bcoos' Arcade module is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to...

bcoos 1.0.13 'include/common.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

bcoos 1.0.10 (lfi / SQL Injection) Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: Bcoos Multiple Vulnerabilities Vendor: http://www.bcoos.net/ Bugs: Local File Inclusion, Sql Injection Vulnerable Version: bcoos 1.0.10 prior versions also may be affected...

bcoos 1.0.13 - 'file' Parameter Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29275/info The 'bcoos' program is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to...

bcoos 1.0.13 'modules/banners/click.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31941/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

bcoos 1.0.10 /myalbum/ratephoto.php lid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. These...

bcoos 1.0.10 Adresses/Ratefile.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26664/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to adequately sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromi...

bcoos 1.0.10 modules/mylinks/ratelink.php lid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. These...

DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

CVE-2008-7036

Multiple cross-site scripting XSS vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 direction and 2 orderby parameters...

Sql injection

SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter...