6 matches found
EUVD-2006-1241
Malware in sbrugna...
[eVuln] DSNewsletter SQL Injection Vulnerability
New eVuln Advisory: DSNewsletter SQL Injection Vulnerability http://evuln.com/vulns/97/summary.html --------------------Summary---------------- eVuln ID: EV0097 CVE: CVE-2006-1237 Software: DSNewsletter Sowtware's Web Site: http://dsportal.uw.hu/ Versions: 1.0 Critical Level: Moderate Type: SQL...
Sql injection
Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to 1 include/sub.php, 2 include/confirm.php, or 3 include/unconfirm.php...
CVE-2006-1237
Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to 1 include/sub.php, 2 include/confirm.php, or 3 include/unconfirm.php...
CVE-2006-1237
DSNewsletter 1.0 is affected by multiple SQL injection vulnerabilities via the email parameter in include/sub.php, include/confirm.php, and include/unconfirm.php. The root cause is improper sanitization when magic_quotes_gpc is off, enabling remote attackers to construct arbitrary SQL queries. Re...
CVE-2006-1237
Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to 1 include/sub.php, 2 include/confirm.php, or 3 include/unconfirm.php...