16 matches found
EUVD-2009-2163
Malware in sbrugna...
EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml = 1.0.1 - Cookie Auth Bypass SQL injection vulnerability CABSIV =INFO: http://egyplus.org/article-2.htm =Download:...
Sql injection
Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...
Authentication flaw
cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...
CVE-2009-2167
Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...
CVE-2009-2167
Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...
CVE-2009-2168
cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...
CVE-2009-2168
cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...
CVE-2009-2168
Summary: CVE-2009-2168 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. The vuln arises in cpanel/login.php where, after invalid credentials, a redirect is sent but the script does not exit, allowing remote attackers to bypass authentication by supplying arbitrary username and password paramet...
CVE-2009-2167
CVE-2009-2167 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. Multiple SQL injection in cpanel/login.php via (1) username or (2) password when magic_quotes_gpc is disabled; enables remote execution of arbitrary SQL commands. Documents do not provide a remediation, and while exploits exist (se...
PT-2009-4620 · Egyplus · Egyplus 7Ammel
Name of the Vulnerable Software and Affected Versions: EgyPlus 7ammel aka 7ml versions 1.0.1 and earlier Description: The issue allows remote attackers to bypass authentication by providing arbitrary username and password parameters. This occurs because cpanel/login.php sends a redirect to the we...
EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml = 1.0.1 - Cookie Auth Bypass SQL injection vulnerability CABSIV =INFO: http://egyplus.org/article-2.htm =Download: http://traidnt.net/vb/attachment.php?attachmentid=252224&d=1211197439...
EgyPlus 7ml 1.0.1 SQL Injection
|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statement is true...
EgyPlus 7ml 1.0.1 - Authentication Bypass
EgyPlus 7ml 1.0.1 - Authentication Bypass || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1...
EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statemen...
EgyPlus 7ml 1.0.1 - Authentication Bypass
|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statement is true...