7 matches found
phpBazar <= 2.1.1fix (cid) SQL Injection
No description provided by source. / Author : MizoZ from MA Group : EvilWay, evilwayatmaildotcom Email : mizozxatgmaildotcom Greetz : Zuka, Dyle !! MABROOK L3IIIIIIIIIID / The vulnerability is in the $GET'catid' , exploit :...
phpBazar 'classified.php' SQL Injection Vulnerability
The host is running phpBazar and is prone to SQL Injection vulnerability. OpenVAS Vulnerability Test $Id: gbphpbazarsqlinjvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ phpBazar 'classified.php' SQL Injection Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Sql injection
SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767...
phpBazar 2.1.1fix - 'cid' SQL Injection
/ Author : MizoZ from MA Group : EvilWay, evilwayatmaildotcom Email : mizozxatgmaildotcom Greetz : Zuka, Dyle !! MABROOK L3IIIIIIIIIID / The vulnerability is in the $GET'catid' , exploit : http://server/classified.php?catid=2+and+1=0+union+all+select+1,2,3,4,5,6,7--...
Sql injection
SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter...
CVE-2008-3767
The CVE-2008-3767 entry describes an SQL injection vulnerability in phpBazar 2.0.2, found in classified.php where the adid parameter enables remote arbitrary SQL execution. Root cause is unsafe handling/concatenation of the adid input leading to SQL injection. Affected software: phpBazar 2.0.2, c...
phpBazar <= 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities
Exploit for unknown platform in category web applications ============================================================== phpBazar = 2.1.0 Remote Include/Auth Bypass Vulnerabilities ============================================================== Title: phpBazar = 2.1.0 Multiple vulnerabilites URL:...