EUVD-2008-3398

Malware in sbrugna...

EPShop < 3.0 (pid) Remote SQL Injection Vulnerability

No description provided by source. + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud,...

Sql injection

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

CVE-2008-3412

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

CVE-2008-3412

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

CVE-2008-3412

CVE-2008-3412 is a SQL injection in Comsenz EPShop (ECShop) prior to 3.0. The vulnerability is exploitable via the pid parameter in the pro_show or disppro actions to the default URI, enabling remote attackers to execute arbitrary SQL commands. The exploitation status is not detailed in the provi...

EPShop 'index.php' SQL注入漏洞

BUGTRAQ ID: 30387 CNCAN ID：CNCAN-2008072903 EPShop是一款基于PHP的WEB应用程序。 EPShop不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息或操作数据库。 问题是'index.php'脚本对用户提交的'pid'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 EPShop 目前没有解决方案提供： http://comsenz.com/products/ecshop...

epshop-sql.txt

Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo Information; You can't download a...

EPShop &lt; 3.0 (pid) Remote SQL Injection Vulnerability

No description provided by source. + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud,...

EPShop < 3.0 (pid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================== EPShop 3.0 pid Remote SQL Injection Vulnerability ===================================================== + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX -...

EPShop 3.0 - pid SQL Injection

EPShop 3.0 - pid SQL Injection + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo...