EUVD-2006-1022

Malware in sbrugna...

EUVD-2009-3301

Malware in sbrugna...

CVE-2009-3319

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...

CVE-2009-3319

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...

CVE-2009-3319

The provided data documents CVE-2009-3319 as affecting the DCI-Designs Dawaween 1.03 package, specifically the poems.php module. The vulnerability is an SQL injection that allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action (a vector distinct from C...

CVE-2006-1018

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a diwan view action...

Sql injection

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a diwan view action...

CVE-2006-1018

The CVE-2006-1018 entry describes an SQL injection in poems.php of DCI-Designs Dawaween 1.03, exploitable via the id parameter in a diwan view action. Affected software: Dawaween 1.03 (poems.php). Root cause: unsanitized id parameter leading to arbitrary SQL execution. Impact per CVSS: Confidenti...

DCI-Designs Dawaween 1.03 - 'Poems.php' SQL Injection

source: https://www.securityfocus.com/bid/16909/info Dawaween is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Successful exploits could allow a remote attacker to compromise the application, access or modify dat...