20 matches found
EUVD-2008-4139
Malware in sbrugna...
EUVD-2007-6623
Malware in sbrugna...
CustomCMS 3.1 'vars.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27069/info CustomCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
CustomCMS Persistent XSS Vulnerability
Exploit for php platform in category web applications ====================================== CustomCMS Persistent XSS Vulnerability ====================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/...
CustomCMS Gaming Portal Shell Upload
Exploit Title: Upload Vulnerability in CustomCMS Gaming Portal Date: 26-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : ------------------------------------------------------------------------ Upload Vulnerability in CustomCMS Gaming Portal Vendor:http://customcms.net/...
CVE-2008-4156
SQL injection vulnerability in print.php in CustomCms CCMS Gaming Portal 4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4156
SQL injection vulnerability in print.php in CustomCms CCMS Gaming Portal 4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4156
CVE-2008-4156 affects the CustomCms (CCMS) Gaming Portal 4.0. The vulnerability is a SQL injection in print.php via the id parameter when magic_quotes_gpc is disabled. This creates a risk of arbitrary SQL execution by a remote attacker. The available documents do not provide specific affected ver...
Sql injection
SQL injection vulnerability in print.php in CustomCms CCMS Gaming Portal 4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CustomCMS CCMS Gaming 'print.php' SQL注入漏洞
BUGTRAQ ID: 30787 CNCAN ID:CNCAN-2008082203 CustomCMS CCMS Gaming是一款基于PHP的WEB应用程序。 CustomCMS CCMS Gaming不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是'print.php'脚本对用户提交的'id'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 CustomCms CCMS Gaming 4.0 目前没有解决方案提供: http://customcms.net/index.php...
CustomCMS 4.0 (CCMS) print.php Remote SQL Injection Vulnerability
No description provided by source. Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off...
CustomCMS 4.0 - print.php SQL Injection
CustomCMS 4.0 - print.php SQL Injection Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off...
CustomCMS 4.0 (CCMS) print.php Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= CustomCMS 4.0 CCMS print.php Remote SQL Injection Vulnerability =================================================================...
CustomCMS 4.0 - 'print.php' SQL Injection
Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off http://localhost/installdir/ Exploit:...
Sql injection
SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...
CVE-2007-6658
SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...
CVE-2007-6658
SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...
CVE-2007-6658
SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...
CVE-2007-6658
CVE-2007-6658 concerns a SQL injection in the CustomCMS (CCMS) 3.1 Demo, specifically in the files/admin.php/vars.php. The underlying issue is an injection vulnerability exploitable via the p parameter on the Console page, enabling remote attackers to execute arbitrary SQL commands. The available...
CustomCMS 3.1 - vars.php SQL Injection
CustomCMS 3.1 - vars.php SQL Injection source: https://www.securityfocus.com/bid/27069/info CustomCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...