EUVD-2008-3398

Malware in sbrugna...

EPShop < 3.0 (pid) Remote SQL Injection Vulnerability

No description provided by source. + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud,...

CVE-2008-3412

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

Sql injection

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

CVE-2008-3412

CVE-2008-3412 is a SQL injection in Comsenz EPShop (ECShop) prior to 3.0. The vulnerability is exploitable via the pid parameter in the pro_show or disppro actions to the default URI, enabling remote attackers to execute arbitrary SQL commands. The exploitation status is not detailed in the provi...

CVE-2008-3412

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

EPShop 'index.php' SQL注入漏洞

BUGTRAQ ID: 30387 CNCAN ID：CNCAN-2008072903 EPShop是一款基于PHP的WEB应用程序。 EPShop不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息或操作数据库。 问题是'index.php'脚本对用户提交的'pid'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 EPShop 目前没有解决方案提供： http://comsenz.com/products/ecshop...

epshop-sql.txt

Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo Information; You can't download a...

EPShop &lt; 3.0 (pid) Remote SQL Injection Vulnerability

No description provided by source. + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud,...

EPShop < 3.0 (pid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================== EPShop 3.0 pid Remote SQL Injection Vulnerability ===================================================== + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX -...

EPShop 3.0 - pid SQL Injection

EPShop 3.0 - pid SQL Injection + Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo...