EUVD-2009-2163

Malware in sbrugna...

EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml = 1.0.1 - Cookie Auth Bypass SQL injection vulnerability CABSIV =INFO: http://egyplus.org/article-2.htm =Download:...

CVE-2009-2168

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

Authentication flaw

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

Sql injection

Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...

CVE-2009-2167

Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...

CVE-2009-2167

Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...

CVE-2009-2168

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

CVE-2009-2168

Summary: CVE-2009-2168 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. The vuln arises in cpanel/login.php where, after invalid credentials, a redirect is sent but the script does not exit, allowing remote attackers to bypass authentication by supplying arbitrary username and password paramet...

CVE-2009-2167

CVE-2009-2167 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. Multiple SQL injection in cpanel/login.php via (1) username or (2) password when magic_quotes_gpc is disabled; enables remote execution of arbitrary SQL commands. Documents do not provide a remediation, and while exploits exist (se...

PT-2009-4620 · Egyplus · Egyplus 7Ammel

Name of the Vulnerable Software and Affected Versions: EgyPlus 7ammel aka 7ml versions 1.0.1 and earlier Description: The issue allows remote attackers to bypass authentication by providing arbitrary username and password parameters. This occurs because cpanel/login.php sends a redirect to the we...

EgyPlus 7ml &lt;= 1.0.1 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml = 1.0.1 - Cookie Auth Bypass SQL injection vulnerability CABSIV =INFO: http://egyplus.org/article-2.htm =Download: http://traidnt.net/vb/attachment.php?attachmentid=252224&d=1211197439...

EgyPlus 7ml 1.0.1 SQL Injection

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statement is true...

EgyPlus 7ml 1.0.1 - Authentication Bypass

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statement is true...

EgyPlus 7ml 1.0.1 - Authentication Bypass

EgyPlus 7ml 1.0.1 - Authentication Bypass || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1...

EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statemen...