EUVD-2006-6066

Malware in sbrugna...

EUVD-2007-2337

Malware in sbrugna...

CreaDirectory 1.2 search.asp search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize...

CreaDirectory 1.2 search.asp category Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize...

CreaDirectory 1.2 addlisting.asp cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize...

Sql injection

SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083...

CVE-2007-2342

SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083...

CVE-2007-2342

SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083...

CVE-2007-2342

CVE-2007-2342 describes an SQL injection in error.asp of CreaScripts CreaDirectory 1.2. The vulnerability allows remote attackers to execute arbitrary SQL commands via the id parameter, as a different vector from CVE-2006-6083. According to the NVD entry, the issue is exploitable over a network w...

CreaDirectory 1.2 (error.asp id) Remote SQL Injection Vulnerability

No description provided by source. Title : CreaDirectory v1.2 Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.creadirectory.com Script Page : http://www.creascripts.com/creadirectory.asp Vuln. Username :...

CreaDirectory 1.2 - error.asp?id SQL Injection

CreaDirectory 1.2 - error.asp?id SQL Injection Title : CreaDirectory v1.2 Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.creadirectory.com Script Page : http://www.creascripts.com/creadirectory.asp Vuln. Username :...

CreaDirectory 1.2 - 'error.asp?id' SQL Injection

Title : CreaDirectory v1.2 Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.creadirectory.com Script Page : http://www.creascripts.com/creadirectory.asp Vuln. Username : /error.asp?id=-1+union+select+0,1,2,username,4,5,6,7,8,9,0,1,2,3,4,5+from+members Password :...

CreaDirectory v1.2 Remote SQL Injection Vulnerability

Title : CreaDirectory v1.2 Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.creadirectory.com Script Page : http://www.creascripts.com/creadirectory.asp Vuln. Username : /error.asp?id=-1+union+select+0,1,2,username,4,5,6,7,8,9,0,1,2,3,4,5+from+members Password :...

CreaDirectory 1.2 (error.asp id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== CreaDirectory 1.2 error.asp id Remote SQL Injection Vulnerability =================================================================== Title : CreaDirectory v1.2 Remote SQL...

creadirector.txt

vendor site: http://www.creascripts.com/ product:creadirectory bug: injection sql & xss risk : medium injection sql: /search.asp?search=1&submit=Search&category='sql xss: /addlisting.asp?cat=xss /search.asp?search=xss laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...

CVE-2006-6082

Multiple cross-site scripting XSS vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to addlisting.asp or the 2 search parameter to search.asp...

CVE-2006-6083

SQL injection vulnerability in search.asp in CreaScripts Creadirectory allows remote attackers to execute arbitrary SQL commands via the category parameter...

CVE-2006-6082

Multiple cross-site scripting XSS vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to addlisting.asp or the 2 search parameter to search.asp...

CVE-2006-6082

CVE-2006-6082 affects the CreaScripts Creadirectory component. The documented issue is multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the (1) cat parameter to addlisting.asp or (2) the search parameter to search.asp. The root cause is insufficient ...

CVE-2006-6083

The CVE-2006-6083 entry affects CreaScripts Creadirectory : the vulnerability is an SQL injection in the search.asp page where the category parameter is unsafely used. This allows remote attackers to execute arbitrary SQL commands. The known impact is consistent with an attacker gaining unauthori...