11 matches found
EUVD-2008-3179
Malware in sbrugna...
Sql injection
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-3189
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-3189
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-3189
CVE-2008-3189 describes an SQL injection vulnerability in the DreamNews Manager, specifically in the file/component dreamnews-rss.php, where the parameter id can be manipulated by an attacker to execute arbitrary SQL commands remotely. The vulnerability is characterized by a CVSS v2 base score of...
DreamLevels DreamNews 'dreamnews-rss.php' SQL注入漏洞
BUGTRAQ ID: 30170 CNCAN ID:CNCAN-2008071101 DreamLevels DreamNews是一款基于PHP的WEB应用程序。 DreamLevels DreamNews不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于'dreamnews-rss.php'脚本对用户提交给'id'参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 DreamNews 目前没有解决方案提供: http://dreamlevels.com/dreamnews.php...
DreamNews Manager (id) Remote SQL Injection Vulnerability
No description provided by source. dreamnews rss Remote SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = = ========================================================= script :...
DreamNews Manager (id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= DreamNews Manager id Remote SQL Injection Vulnerability ========================================================= dreamnews rss Remote SQL Injection Vulnerability...
DreamNews Manager - id SQL Injection
DreamNews Manager - id SQL Injection dreamnews rss Remote SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = = ========================================================= script :...
dreamnews-sql.txt
dreamnews rss Remote SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = = ========================================================= script : http://dreamlevels.com/dreamnews.php Do...
DreamNews Manager - 'id' SQL Injection
dreamnews rss Remote SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = = ========================================================= script : http://dreamlevels.com/dreamnews.php Do...