24 matches found
EUVD-2006-6191
Malware in sbrugna...
MAL-2025-6862 Malicious code in zylker-eclassifieds-ui (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in zylker-eclassifieds-ui (npm)
The package communicates with a domain associated with malicious activity...
Enthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Enthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Enthrallweb eClassifieds dircat.asp cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
CVE-2006-6822
myprofile.asp in Enthrallweb eClassifieds does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...
CVE-2006-6822
myprofile.asp in Enthrallweb eClassifieds does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...
CVE-2006-6822
Vulnerability : In Enthrallweb eClassifieds, myprofile.asp does not properly validate the MM_recordId parameter during profile updates. This allows remote authenticated users to modify certain profile fields of another account by supplying that account’s username in a modified MM_recordId value. ...
Enthrallweb eClassifieds 1.0 - Remote User Pass Change
Enthrallweb eClassifieds 1.0 - Remote User Pass Change Change Profile=Username FIRST: LAST:...
Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit
Exploit for unknown platform in category web applications ============================================================ Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit ============================================================ Change Profile=Username FIRST: LAST:...
Enthrallweb eClassifieds 1.0 - Remote User Pass Change
Change Profile=Username FIRST: LAST:...
Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit
No description provided by source. form action="target/myprofile.asp" method="POST" name="form2" p/p table align="center" cellpadding="1" cellspacing="1" tr valign="baseline" td align="right" nowrap class="title" Change Profile=Username input type="text" name="MMrecordId" value="ajann" /td td inp...
CVE-2006-6208
Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the 1 ADID, 2 catid, 3 subid, and 4 adid parameters to a ad.asp, the 5 cid parameter to b dircat.asp, and the 6 sid parameter to c dirSub.asp...
CVE-2006-6208
Summary: CVE-2006-6208 concerns Enthrallweb eClassifieds with multiple SQL injection vulnerabilities. The vulnerability is triggered via parameters in several endpoints: (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id to ad.asp; (5) cid to dircat.asp; and (6) sid to dirSub.asp. The underlying is...
CVE-2006-6208
Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the 1 ADID, 2 catid, 3 subid, and 4 adid parameters to a ad.asp, the 5 cid parameter to b dircat.asp, and the 6 sid parameter to c dirSub.asp...
eClassifieds [injection sql]
vendor site: http://enthrallweb.com/ product : eClassifieds bug:injection sql risk : medium injection sql : /ad.asp?ADID='sql /ad.asp?catid='sql /dircat.asp?cid='sql /dirSub.asp?sid='sql /ad.asp?catid=35&subid='sql /ad.asp?catid=35&subid=102&adid='sql laurent gaffi & benjamin moss http://s-a-p.ca...
eClassifieds.txt
vendor site: http://enthrallweb.com/ product : eClassifieds bug:injection sql risk : medium injection sql : /ad.asp?ADID='sql /ad.asp?catid='sql /dircat.asp?cid='sql /dirSub.asp?sid='sql /ad.asp?catid=35&subid='sql /ad.asp?catid=35&subid=102&adid='sql laurent gaffié & benjamin mossé...
Enthrallweb eClassifieds - ad.asp Multiple SQL Injections
Enthrallweb eClassifieds - ad.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues coul...
Enthrallweb eClassifieds - 'dircat.asp?cid' SQL Injection
source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...