9 matches found
EUVD-2005-3235
Malware in sbrugna...
EUVD-2005-3236
Malware in sbrugna...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
No description provided by source. ?php quoted from rgod 1if magic quotes off - SQL Injection: /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have trouble...
CVE-2005-3237
Cross-site scripting XSS vulnerability in Cyphor 0.19 allows remote attackers to inject arbitrary web script or HTML via the tlogin parameter of footer.php...
CVE-2005-3236
Cyphor 0.19 is affected by two SQL injection vulnerabilities described in CVE-2005-3236. The issues reside in (1) newmsg.php using the fid parameter and (2) lostpwd.php using the nick parameter. Successful exploitation can allow remote attackers to execute arbitrary SQL and potentially gain admin...
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting 1if magic quotes off - SQL Injection: by "Forgot your password?" feature you can send yourself a new admin password and reset it, poc: email: youremail nick: 'or'X'='X soon, you will receive an email like this: You have registered...
Cyphor 0.19 - newmsg.php?fid SQL Injection
Cyphor 0.19 - newmsg.php?fid SQL Injection source: https://www.securityfocus.com/bid/15047/info Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data...
Cyphor 0.19 - lostpwd.php?nick SQL Injection
Cyphor 0.19 - lostpwd.php?nick SQL Injection source: https://www.securityfocus.com/bid/15047/info Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database...
Cyphor 0.19 - 'lostpwd.php?nick' SQL Injection
source: https://www.securityfocus.com/bid/15047/info Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data. Other attacks are also possible. ?php ---...