7 matches found
EUVD-2012-4013
Malware in sbrugna...
EUVD-2012-4014
Malware in sbrugna...
CVE-2012-4070
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php...
Sql injection
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php...
Improper access control
Dir2web 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request for system/db/website.db...
CVE-2012-4070
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php...
CVE-2012-4070
CVE-2012-4070 affects Dir2web v3.0. Vulnerable component: system/src/dispatcher.php. The oid parameter in the homepage action to index.php enables SQL injection, allowing remote arbitrary SQL execution. Root cause: insufficient input validation in dispatcher.php; Patch guidance: replace the GET/P...