EUVD-2007-4090

Malware in sbrugna...

EUVD-2007-5676

Malware in sbrugna...

CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26193/info CodeWidgets Web Based Alpha Tabbed Address Book is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...

Code Widget DataBound Collapsible Menu (ASP) SQL injection

Exploit for asp platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Code Widgets Databound Shopping Cart SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 inj3ct0r 1337 Day Team 1 0 0...

CVE-2007-5704

Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the 1 Email Address and 2 Password fields in a login.asp and b adminlogin.asp...

CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL注入漏洞

CodeWidgets Web Based Alpha Tabbed Address Book是一款基于ASP的WEB应用程序。 CodeWidgets Web Based Alpha Tabbed Address Book不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL攻击，获得敏感信息或操作数据库。 问题是由于'index.asp'脚本对用户提交的'alpha'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，攻击者可以获得敏感信息或操作数据库。 CodeWidgets Web Based Alpha Tabbed Address Book...

[Aria-Security.Net] CodeWidgets.Com Online Event Registration Multiple login SQL Injection

http://Aria-Security.Net ------------------------------------- CodeWidgets.Com Online Event Registration Poc Normal User account: login.asp Email address: ' UNION SELECT FROM users password: Aria-Security.Net Admin Panel: adminlogin.asp Email address: ' UNION SELECT FROM admin Password:...

CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection

source: https://www.securityfocus.com/bid/26193/info CodeWidgets Web Based Alpha Tabbed Address Book is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

CVE-2007-4106

SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote attackers to execute arbitrary SQL commands via the Password parameter...

Sql injection

SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote attackers to execute arbitrary SQL commands via the Password parameter...

CVE-2007-4106

The CVE concerns SQL injection in the login.asp of CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Password parameter, implying an injection flaw in authentication logic. Connected...

CVE-2007-4106

SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote attackers to execute arbitrary SQL commands via the Password parameter...

mbthreaded-sql.txt

A R I A - S E C U R I T Y Message Board / Threaded Discussion Forum SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

webstore-sql.txt

A R I A - S E C U R I T Y WebStore - Online Store Application Template SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

WebEvents: Online Event Registration Template Username Fields SQL INJECTION

A R I A - S E C U R I T Y WebEvents: Online Event Registration Template Username Field SQL Injection Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net...