CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/28412/info Efestech E-Kontor is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

EfesTECH Video 5.0 - 'catID' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28532/info EfesTECH Video is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...

7.1AI score

Exploits0

Packet Storm•added 2008/07/10 12:0 a.m.•15 views

efestechshop-sql.txt

Title: Efestech Shop v2.0 Sql İnjection Vuln ============================== ================================== + Author : Dr.Kacak + Special Thankz : KnockOut And All My Friends + System 0VerfL0WerZ Group & BuqX Team + Mail : BuqX at Hotmail dot com...

7.4AI score

Exploits0

NVD•added 2008/07/07 6:41 p.m.•10 views

CVE-2008-3030

SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in an urunler action...

7.5CVSS8.4AI score0.00485EPSS

Exploits0References4

Prion•added 2008/07/07 6:41 p.m.•8 views

Sql injection

SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in an urunler action...

7.5CVSS9.1AI score0.00485EPSS

Exploits0References4Affected Software1

CVE•added 2008/07/07 6:20 p.m.•38 views

CVE-2008-3030

CVE-2008-3030 is a SQL injection vulnerability in EfesTECH Shop 2.0 (default.asp) that allows remote attackers to inject arbitrary SQL via the cat_id parameter in the urunler action. The connected records corroborate the affected software and the input vector, with CVSSv2 metrics indicating a bas...

7.5CVSS8.4AI score0.00485EPSS

Exploits0References4Affected Software1

Cvelist•added 2008/07/07 6:20 p.m.•11 views

CVE-2008-3030

SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in an urunler action...

8.4AI score0.00485EPSS

Exploits0References4

seebug.org•added 2008/07/03 12:0 a.m.•105 views

EfesTECH Shop "cat_id" SQL注入漏洞

BUGTRAQ ID: CNCAN ID：CNCAN-2008070303 EfesTECH Shop是一款基于ASP的WEB应用程序。 EfesTECH Shop不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。问题是'default.asp'脚本对用户提交给'catid'参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 EfesTECH Shop 2.x 目前没有详细解决方案提供： http://www.aspindir.com/Goster/5479...

6.9AI score

Exploits0

seebug.org•added 2008/07/02 12:0 a.m.•14 views

Efestech Shop 2.0 (cat_id) Remote SQL Injection Vulnerability

No description provided by source. Title: Efestech Shop v2.0 Sql njection Vuln ============================== ================================== + Author : Dr.Kacak + Special Thankz : KnockOut And All My Friends + System 0VerfL0WerZ Group & BuqX Team + Mail : BuqX at Hotmail dot com...

7.1AI score

Exploits0

exploitpack•added 2008/07/01 12:0 a.m.•10 views

Efestech Shop 2.0 - cat_id SQL Injection

Efestech Shop 2.0 - catid SQL Injection Title: Efestech Shop v2.0 Sql Ä°njection Vuln ============================== ================================== + Author : Dr.Kacak + Special Thankz : KnockOut And All My Friends + System 0VerfL0WerZ Group & BuqX Team + Mail : BuqX at Hotmail dot com...

0.6AI score

Exploits0

Exploit DB•added 2008/07/01 12:0 a.m.•34 views

Efestech Shop 2.0 - 'cat_id' SQL Injection

Title: Efestech Shop v2.0 Sql Ä°njection Vuln ============================== ================================== + Author : Dr.Kacak + Special Thankz : KnockOut And All My Friends + System 0VerfL0WerZ Group & BuqX Team + Mail : BuqX at Hotmail dot com...

7AI score

Exploits0

0day.today•added 2008/07/01 12:0 a.m.•18 views

Efestech Shop 2.0 (cat_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= Efestech Shop 2.0 catid Remote SQL Injection Vulnerability ============================================================= Script : Efestech Shop v2.0 Verz: 2.0 SQL attack ;...

7.1AI score

Exploits0

NVD•added 2008/04/02 5:44 p.m.•10 views

CVE-2008-1641

SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter...

7.5CVSS8.4AI score0.0044EPSS

Exploits1References5

Prion•added 2008/04/02 5:44 p.m.•13 views

Sql injection

SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter...

7.5CVSS9.1AI score0.0044EPSS

Exploits1References5Affected Software1

CVE•added 2008/04/02 5:0 p.m.•36 views

CVE-2008-1641

CVE-2008-1641 is a SQL injection vulnerability in EfesTECH Video 5.0, exploitable via the catID parameter in default.asp. The affected component is the default.asp page of EfesTECH Video 5.0; the underlying cause is injectable SQL through catID, enabling remote command execution. NVD lists a base...

7.5CVSS8.4AI score0.0044EPSS

Exploits1References5Affected Software1

Cvelist•added 2008/04/02 5:0 p.m.•14 views

CVE-2008-1641

SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter...

8.4AI score0.0044EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by