5 matches found
EUVD-2006-0780
Malware in sbrugna...
Sql injection
SQL injection vulnerability in deleteSession in DBeSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $sessidset variable, which is usually derived from PHPSESSID...
CVE-2006-0774
SQL injection vulnerability in deleteSession in DBeSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $sessidset variable, which is usually derived from PHPSESSID...
CVE-2006-0774
The CVE-2006-0774 entry describes a SQL injection in the function deleteSession() of the DB_eSession library (versions
[SA18805] DB_eSession "deleteSession()" Function SQL Injection
TITLE: DBeSession "deleteSession" Function SQL Injection SECUNIA ADVISORY ID: SA18805 VERIFY ADVISORY: http://secunia.com/advisories/18805/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: DBeSession 1.x http://secunia.com/product/8010/ DESCRIPTION: James...