14 matches found
EUVD-2008-5098
Malware in sbrugna...
EUVD-2008-4724
Malware in sbrugna...
Scripts4Profit DXShopCart 4.30 'pid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
CVE-2008-5119
Cross-site scripting XSS vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
CVE-2008-5119
CVE-2008-5119 describes an Cross-site scripting (XSS) vulnerability in the PHP script search.php of Scripts4Profit DXShopCart 4.30mc. The issue allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. The NVD entry lists a MEDIUM severity (CVSS v2.0: 4.3) with net...
CVE-2008-4744
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...
Sql injection
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2008-4744
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2008-4744
CVE-2008-4744 describes an SQL injection in DXShopCart 4.30mc where the pid parameter in product_detail.php can be used by remote attackers to execute arbitrary SQL commands. The vulnerability is technically a network-accessible injection affecting confidentiality, integrity, and availability (pa...
Scripts4Profit DXShopCart 'pid' SQL注入漏洞
BUGTRAQ ID: 30772 CNCAN ID:CNCAN-2008082209 Scripts4Profit DXShopCart是一款基于PHP的WEB应用程序。 Scripts4Profit DXShopCart不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是脚本对用户提交的'pid'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Scripts4Profit DXShopCart 4.30 mc 目前没有解决方案提供:...
dxshopcart-sql.txt
DXShopCart V4.30mcpidRemote SQL Injection Vulnerability Author: Hussin X Home : www.tryag.cc/cc email : darkangelg85atYahooDoTcom script : http://scripts4profit.net/products.php?cid=19 DorK : Powered by - DXShopCart v4.30mc Exploit: 1...
Scripts4Profit DXShopCart 4.30 - pid SQL Injection
Scripts4Profit DXShopCart 4.30 - pid SQL Injection source: https://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
Scripts4Profit DXShopCart 4.30 - 'pid' SQL Injection
source: https://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...