EUVD-2008-6580

Malware in sbrugna...

EUVD-2008-6581

Malware in sbrugna...

ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

ClassSystem 2.0/2.3 - HomepageMain.php teacher_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

ClassSystem 2.0/2.3 - HomepageTop.php teacher_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

ClassSystem 2.0/2.3 - MessageReply.php teacher_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...

Sql injection

Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacherid parameter in 1 class/HomepageMain.php and 2 class/HomepageTop.php, and 3 the messageid parameter in class/MessageReply.php...

Unrestricted file upload

Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/...

CVE-2008-6618

Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacherid parameter in 1 class/HomepageMain.php and 2 class/HomepageTop.php, and 3 the messageid parameter in class/MessageReply.php...

CVE-2008-6619

Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/...

CVE-2008-6618

Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacherid parameter in 1 class/HomepageMain.php and 2 class/HomepageTop.php, and 3 the messageid parameter in class/MessageReply.php...

CVE-2008-6619

Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/...

CVE-2008-6619

CVE-2008-6619 affects ClassSystem 2.3, via an unrestricted file upload vulnerability in class/ApplyDB.php that allows remote attackers to execute arbitrary code by uploading a file with an executable extension and accessing it through a direct request to the file in class/UploadHomepage/. The con...

CVE-2008-6618

CVE-2008-6618 affects ClassSystem 2.3. The vulnerability consists of multiple SQL injection flaws allowing remote attackers to execute arbitrary SQL commands via the teacher_id parameter in class/HomepageMain.php and class/HomepageTop.php, and via the message_id parameter in class/MessageReply.ph...

ClassSystem 2.02.3 - HomepageMain.php?teacher_id SQL Injection

ClassSystem 2.02.3 - HomepageMain.php?teacherid SQL Injection source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection...

ClassSystem 2.02.3 - MessageReply.php?teacher_id SQL Injection

ClassSystem 2.02.3 - MessageReply.php?teacherid SQL Injection source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection...

ClassSystem 2.02.3 - classApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution

ClassSystem 2.02.3 - classApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues inclu...

ClassSystem 2.02.3 - HomepageTop.php?teacher_id SQL Injection

ClassSystem 2.02.3 - HomepageTop.php?teacherid SQL Injection source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection...

ClassSystem 2.0/2.3 - 'HomepageMain.php?teacher_id' SQL Injection

source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an arbitrary-file-upload vulnerability. Exploiting...

ClassSystem 2.0/2.3 - 'HomepageTop.php?teacher_id' SQL Injection

source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an arbitrary-file-upload vulnerability. Exploiting...