48 matches found
CVE-2007-2854
CVE-2007-2854 describes multiple SQL injection vulnerabilities in the PHP script account_change.php of BtiTracker 1.4.1 and earlier . The vulnerability is exploitable via the parameters style or langue , allowing remote attackers to execute arbitrary SQL commands. The vulnerability description in...
CVE-2007-2854
Multiple SQL injection vulnerabilities in accountchange.php in BtiTracker 1.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 style or 2 langue parameter...
btitracker-sql.txt
BtiTracker =v1.4.1 Remote SQL Injection Exploit Discovered by: m@ge|ozz - [email protected] Vulnerabitity: Remote Sql Injection / Problem: Any user can be Administrator Website Vendor: http://www.btiteam.org Vulnerable Code accountchange.php: if isset$GET"style" @mysqlquery"UPDATE users SET...
BtiTracker <= 1.4.1 (become admin) Remote SQL Injection Vulnerability
No description provided by source. BtiTracker =v1.4.1 Remote SQL Injection Exploit Discovered by: m@ge|ozz - [email protected] Vulnerabitity: Remote Sql Injection / Problem: Any user can be Administrator Website Vendor: http://www.btiteam.org Vulnerable Code accountchange.php: if isset$GET"style"...
BtiTracker <= 1.4.1 (become admin) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ===================================================================== BtiTracker = 1.4.1 become admin Remote SQL Injection Vulnerability ===================================================================== BtiTracker =v1.4.1 Remote SQL...
BtiTracker 1.4.1 - Become Admin SQL Injection
BtiTracker 1.4.1 - Become Admin SQL Injection BtiTracker =v1.4.1 Remote SQL Injection Exploit Discovered by: m@ge|ozz - [email protected] Vulnerabitity: Remote Sql Injection / Problem: Any user can be Administrator Website Vendor: http://www.btiteam.org Vulnerable Code accountchange.php: if...
BtiTracker 1.4.1 - Become Admin SQL Injection
BtiTracker =v1.4.1 Remote SQL Injection Exploit Discovered by: m@ge|ozz - [email protected] Vulnerabitity: Remote Sql Injection / Problem: Any user can be Administrator Website Vendor: http://www.btiteam.org Vulnerable Code accountchange.php: if isset$GET"style" @mysqlquery"UPDATE users SET...
Vulnerability in Btitracker
Hello, I found a vulnerability in btitracker a tool for create a bittorrent tracker written in php…. This vulnerability can remove physically uploaded files .torrent video : http://aeroxteam.free.fr/btitracker.html exploitnot to diffuse : form...