13 matches found
EUVD-2008-6438
Malware in sbrugna...
EUVD-2006-4346
Malware in sbrugna...
CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action...
CVE-2008-6468
CVE-2008-6468 affects Diesel Pay: SQL injection in index.php via the area parameter in a browse action. Root cause is improper input handling in that parameter, enabling remote attackers to potentially execute arbitrary SQL commands. The vulnerability is rated CVSS v2 base score 7.5 (HIGH) with n...
CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action...
Diesel Pay 'index.php' SQL注入漏洞
BUGTRAQ ID: 31276 CNCAN ID:CNCAN-2008092304 Diesel Pay是一款基于PHP的WEB应用程序。 Diesel Pay不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于'index.php'脚本对用户提交给'aera'参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 DieselScripts Diesel Pay 目前没有解决方案提供: http://www.dieselscripts.com/diesel-pay.html...
dieselpay-sql.txt
Diesel Pay Script index.php area sql inj http://www.dieselscripts.com ---------------------------------------------------------- Discovered By: ZoRLu Date: 20.09.2008 contact: [email protected] contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...
Diesel Pay Script (area) Remote SQL Injection Vulnerability
No description provided by source. Diesel Pay Script index.php area sql inj http://www.dieselscripts.com ---------------------------------------------------------- Discovered By: ZoRLu Date: 20.09.2008 contact: [email protected] contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMD...
Diesel Pay Script - area SQL Injection
Diesel Pay Script - area SQL Injection Diesel Pay Script index.php area sql inj http://www.dieselscripts.com ---------------------------------------------------------- Discovered By: ZoRLu Date: 20.09.2008 contact: [email protected] contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI...
Diesel Pay Script - 'area' SQL Injection
Diesel Pay Script index.php area sql inj http://www.dieselscripts.com ---------------------------------------------------------- Discovered By: ZoRLu Date: 20.09.2008 contact: [email protected] contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...
Diesel Pay Script (area) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== Diesel Pay Script area Remote SQL Injection Vulnerability =========================================================== Diesel Pay Script index.php area sql inj...
CVE-2006-4358
Cross-site scripting XSS vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter...
CVE-2006-4358
CVE-2006-4358 describes a cross-site scripting (XSS) vulnerability in the Diesel Pay product, affecting the code path index.php via the read parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML. According to the NVD entry, the CVSS v2 base score is 4.3 (Medi...