12 matches found
EUVD-2006-6191
Malware in sbrugna...
Enthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
CVE-2006-6822
myprofile.asp in Enthrallweb eClassifieds does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...
Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit
Exploit for unknown platform in category web applications ============================================================ Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit ============================================================ Change Profile=Username FIRST: LAST:...
Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit
No description provided by source. form action="target/myprofile.asp" method="POST" name="form2" p/p table align="center" cellpadding="1" cellspacing="1" tr valign="baseline" td align="right" nowrap class="title" Change Profile=Username input type="text" name="MMrecordId" value="ajann" /td td inp...
Enthrallweb eClassifieds 1.0 - Remote User Pass Change
Change Profile=Username FIRST: LAST:...
CVE-2006-6208
Summary: CVE-2006-6208 concerns Enthrallweb eClassifieds with multiple SQL injection vulnerabilities. The vulnerability is triggered via parameters in several endpoints: (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id to ad.asp; (5) cid to dircat.asp; and (6) sid to dirSub.asp. The underlying is...
CVE-2006-6208
Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the 1 ADID, 2 catid, 3 subid, and 4 adid parameters to a ad.asp, the 5 cid parameter to b dircat.asp, and the 6 sid parameter to c dirSub.asp...
Enthrallweb eClassifieds - dircat.asp?cid SQL Injection
Enthrallweb eClassifieds - dircat.asp?cid SQL Injection source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
Enthrallweb eClassifieds - ad.asp Multiple SQL Injections
Enthrallweb eClassifieds - ad.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues coul...
Enthrallweb eClassifieds - 'dircat.asp?cid' SQL Injection
source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...
Enthrallweb eClassifieds - 'ad.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...