20 matches found
EUVD-2007-3973
Malware in sbrugna...
EUVD-2007-6109
Malware in sbrugna...
EUVD-2007-3974
Malware in sbrugna...
Dora Emlak 1.0 Script Multiple Input Validation Vulnerabilities
No description provided by source...
Dora Emlak Script SQL注入漏洞
Dora Emlak Script是一款基于PHP的WEB应用程序。 Dora Emlak Script不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或可能操作数据库。 测试方法 Dora Emlak 2.0 目前没有解决方案提供: http://www.aspindir.com/goster/5027...
CVE-2007-6140
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a emlakdetay.asp and b haberdetay.asp, the 2 kategori parameter to c kategorisirala.asp, and the 3 tip parameter to d tipsirala.asp...
Sql injection
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a emlakdetay.asp and b haberdetay.asp, the 2 kategori parameter to c kategorisirala.asp, and the 3 tip parameter to d tipsirala.asp...
CVE-2007-6140
CVE-2007-6140 affects Dora Emlak 2.0. The vulnerability is due to SQL injection in multiple parameters: id (emlak_detay.asp, haber_detay.asp), kategori (kategorisirala.asp), and tip (tipsirala.asp). This allows remote attackers to execute arbitrary SQL commands. Connected documents confirm affect...
CVE-2007-6140
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a emlakdetay.asp and b haberdetay.asp, the 2 kategori parameter to c kategorisirala.asp, and the 3 tip parameter to d tipsirala.asp...
dora-sql.txt
Dora Emlak Script v2.0 SQL Injection Vulnerability Software: Dora Emlak Script v2.0 Download: not free 300 YTL Sales: http://www.aspindir.com/goster/5027 Demo: http://www.doraittifaki.com/dorav2/ Found By: GeFORC3 | G3 Exploit: http://www.example.com/dorav2/emlakdetay.asp?id= SQL...
dora-bypass.txt
Dora Emlak Script v1.0 tr Admin Login ByPass ilker kandemir Download: http://aspindir.com/goster/5027 TnX.: Ajann, Dumenci, H0tTurk, Str0ke Bug in ../dora/administartor/yonetim/patron/default.asp 1 and cookSecondLevel 1 Then 'Eger 1. ve 2. Seviye Sessionlar 1den Farkliysa % Admin Login Panel:...
Dora Emlak Script v1.0 (tr) Admin Login ByPass
Dora Emlak Script v1.0 tr Admin Login ByPass ilker kandemir ilkerkandemiratmynet.com Download: http://aspindir.com/goster/5027 TnX.: Ajann, Dumenci, H0tTurk, Str0ke Bug in ../dora/administartor/yonetim/patron/default.asp cookFirstLevel = Session"FirstLevelSecurity" 'Ilk Gьvenlik Session...
CVE-2007-3990
SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the goster parameter is set to emlakdetay, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Sql injection
SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the goster parameter is set to emlakdetay, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2007-3990
CVE-2007-3990 describes an SQL injection vulnerability in Dora Emlak 1.0, triggered when goster is set to emlakdetay and an arbitrary id parameter is supplied to default.asp. The root cause is unsafely constructed SQL queries, allowing remote attackers to execute arbitrary SQL commands. No exploi...
CVE-2007-3989
Multiple cross-site scripting XSS vulnerabilities in default.asp in Dora Emlak 1.0, when the goster parameter is set to iletisim, allow remote attackers to inject arbitrary web script or HTML via the 1 Adiniz and 2 Soyadiniz parameters; and possibly other unspecified vectors. NOTE: the provenance...
CVE-2007-3990
SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the goster parameter is set to emlakdetay, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2007-3989
CVE-2007-3989 describes multiple reflected XSS vulnerabilities in the Dora Emlak 1.0 web app, specifically in default.asp when goster is set to iletisim. The vulnerabilities allow injection of arbitrary script/HTML via the Adiniz and Soyadiniz parameters (and possibly other vectors). Affected com...
doraemlak-xsssql.txt
Dora Emlak Script v1.0 XSS & sql injection Vulnerability. Software: Dora Emlak Script v1.0 download: http://www.aspindir.com/goster/5027 demo: http://www.fatihkaratas.info/dora/ Found By: GeFORC3 G3 Exploit: 1-http://www.example.com/dora/default.asp?goster=iletisim You write xss code in page's te...
Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/25004/info Dora Emlak Script is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker ...