45 matches found
Sql injection
eBrigade before 5.0 has evenementical.php evenement SQL Injection...
Sql injection
eBrigade before 5.0 has evenementchoice.php chxCal SQL Injection...
Sql injection
eBrigade before 5.0 has evenements.php cid SQL Injection...
CVE-2019-16745
CVE-2019-16745 affects eBrigade prior to version 5.0, where SQL injection exists in evenement_choice.php chxCal. The vulnerability stems from unvalidated inputs in the SQL statements, enabling unauthorized manipulation of the database. Red Hat and CNVD entries corroborate the issue, and a public ...
CVE-2019-16745
eBrigade before 5.0 has evenementchoice.php chxCal SQL Injection...
CVE-2019-16744
CVE-2019-16744 affects the eBrigade web application prior to version 5.0. The vulnerability is a SQL injection in evenements.php (cid parameter as described in multiple sources), allowing an attacker to execute arbitrary SQL commands via the application’s input. Impact is reported as high in CVE ...
CVE-2019-16744
eBrigade before 5.0 has evenements.php cid SQL Injection...
CVE-2019-16743
CVE-2019-16743 concerns eBrigade prior to 5.0, which contains a SQL Injection in the evenement_ical.php endpoint. The vulnerability arises from improper handling of user input in this script, enabling attackers to inject SQL commands. Exploitation details are not explicitly provided in the includ...
CVE-2019-16743
eBrigade before 5.0 has evenementical.php evenement SQL Injection...
eBrigade SQL Injection Vulnerability (CNVD-2019-35770)
eBrigade is a rescue team management system. The system includes personnel management, vehicle management and equipment management. A SQL injection vulnerability exists in eBrigade versions prior to 5.0, which can be exploited by attackers to execute illegal SQL commands...
eBrigade SQL Injection Vulnerability
eBrigade is a rescue team management system. The system includes personnel management, vehicle management and equipment management. A SQL injection vulnerability exists in eBrigade versions prior to 5.0. The vulnerability stems from a lack of validation of externally entered SQL statements in...
eBrigade SQL Injection Vulnerability (CNVD-2019-35774)
eBrigade is a rescue team management system. The system includes personnel management, vehicle management and equipment management. A SQL injection vulnerability exists in eBrigade versions prior to 5.0, which can be exploited by attackers to execute illegal SQL commands...
eBrigade SQL Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple SQL Injection vulnerabilities product: eBrigade vulnerable version: =5.0 CVE number: CVE-2019-16743, CVE-2019-16744, CVE-2019-16745 impact: critical homepage:...
CVE-2019-9622
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file...
CVE-2019-9622
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file...
Directory traversal
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file...
CVE-2019-9622
CVE-2019-9622 affects eBrigade (up to version 4.5) and enables Arbitrary File Download through a ../ directory traversal in the showfile.php parameter, demonstrated by accessing user-data/save/backup.sql. The root cause is unsafely handling path input in showfile.php, allowing retrieval of files ...
CVE-2019-9622
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file...
eBrigade ERP 4.5 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: eBrigade ERP 4.5 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://ebrigade.net/ Software Link: https://netcologne.dl.sourceforge.net/project/ebrigade/ebrigade/eBrigade%204.5/ebrigade4.5.zip Version: 4.5...
eBrigade ERP 4.5 - Arbitrary File Download Exploit
Exploit for php platform in category web applications !/usr/bin/python import mechanize, sys, cookielib, requests import colorama, urllib, re, random, urllib2 import wget from colorama import Fore from tqdm import tqdm from pathlib import Path def bannerche: print ''' @email protected | eBrigade...