14 matches found
EUVD-2006-5432
Malware in sbrugna...
Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
No description provided by source. ?php ---Dev15sqlxpl.php 9.54 24/12/2005 Dev =1.5 'cat' SQL injection / admin MD5 password hash disclosure coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then g...
Dev Web Management System 1.5 getfile.php cat Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are pro...
CVE-2006-5447
Cross-site scripting XSS vulnerability in index.php in DEV Web Management System WMS 1.5 allows remote attackers to inject arbitrary web script or HTML via the action parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field mesto variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-0886
Cross-site scripting XSS vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field mesto variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-0886
The provided sources describe a Cross-site scripting (XSS) vulnerability in DEV web management system 1.5, specifically in register.php, exploitable via the City/Region field (mesto variable). Remote attackers could inject arbitrary web script or HTML. The vulnerability affects the register.php h...
[SA18714] DEV web management system "City/Region" Script Insertion
TITLE: DEV web management system "City/Region" Script Insertion SECUNIA ADVISORY ID: SA18714 VERIFY ADVISORY: http://secunia.com/advisories/18714/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: DEV web management system 1.x http://secunia.com/product/6685/...
Dev Web Management System 1.5 - getfile.php?cat SQL Injection
Dev Web Management System 1.5 - getfile.php?cat SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System...
Dev Web Management System 1.5 - download_now.php?target SQL Injection
Dev Web Management System 1.5 - downloadnow.php?target SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management Syst...
Dev Web Management System 1.5 - 'add.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...
Dev Web Management System 1.5 - 'getfile.php?cat' SQL Injection
source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...
Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
No description provided by source. ?php ---Dev15sqlxpl.php 9.54 24/12/2005 Dev =1.5 'cat' SQL injection / admin MD5 password hash disclosure coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then g...
Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Dev Web Management System this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Prohibit the taking of...