EUVD-2006-1236

Malware in sbrugna...

[eVuln] DSDownload Multiple SQL Injection Vulnerabilities

New eVuln Advisory: DSDownload Multiple SQL Injection Vulnerabilities http://evuln.com/vulns/99/summary.html --------------------Summary---------------- eVuln ID: EV0099 CVE: CVE-2006-1232 Software: DSDownload Sowtware's Web Site: http://dsportal.uw.hu/ Versions: 1.0 Critical Level: Moderate Type...

DSDownload 1.0 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/17116/info DSDownload is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject arbitrary SQL logic into the vulnerable paramete...

DSDownload 1.0 - Multiple SQL Injections

DSDownload 1.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/17116/info DSDownload is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject arbitra...

Sql injection

Multiple SQL injection vulnerabilities in DSDownload 1.0, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the 1 key and 2 category parameters to a search.php and b downloads.php...

CVE-2006-1232

Multiple SQL injection vulnerabilities in DSDownload 1.0, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the 1 key and 2 category parameters to a search.php and b downloads.php...

CVE-2006-1232

DSDownload 1.0 is affected by multiple SQL injection vulnerabilities. The issue arises in search.php and downloads.php where the parameters (1) key and (2) category are incorporated into SQL queries without proper sanitization, with magic_quotes_gpc disabled. This allows remote attackers to craft...