19 matches found
EUVD-2008-0527
Malware in sbrugna...
EUVD-2006-4310
Malware in sbrugna...
Mambo Component EstateAgent 0.1 - Remote SQL Injection Vulnerability
No description provided by source. joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: comestateagent EXPLOIT :...
Mambo EstateAgent 1.0.2 Component mosConfig_absolute_path Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19625/info The Mambo EstateAgent component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
Joomla component The Estate Agent (com_estateagent) SQL injection
Exploit for php platform in category web applications Exploit Title: joomla component comestateagent SQL injection Vulnerability Date: 10/04/2012 Author: xDarkSton3x E-mail : email protected Category:: webapps Google dork: inurl:"comestateagent" Tested on: linux + windows Vendor link:...
CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent comestateagent 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action...
Sql injection
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent comestateagent 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action...
CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent comestateagent 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action...
CVE-2008-0517
CVE-2008-0517 describes an SQL injection in index.php of the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla!. The vulnerability allows remote attackers to inject arbitrary SQL via the objid parameter in a contact showObject action. Affected software is the Est...
Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability
No description provided by source. joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: "comestateagent" EXPLOIT :...
joomlaestate-sql.txt
joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: "comestateagent" EXPLOIT : index.php?option=comestateagent&Itemid=S@BUN&func=showObject&info=contact&objid=-9999//union//select//username,password//from//mosusers/&results=S@BUN S@BUN...
Mambo Component EstateAgent 0.1 - SQL Injection
Mambo Component EstateAgent 0.1 - SQL Injection joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: "comestateagent" EXPLOIT :...
Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability ================================================================== joomla SQL Injectioncomestateagent Dor...
Mambo Component EstateAgent 0.1 - SQL Injection
joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: "comestateagent" EXPLOIT : index.php?option=comestateagent&Itemid=S@BUN&func=showObject&info=contact&objid=-9999//union//select//username,password//from//mosusers/&results=S@BUN S@BUN...
Mambo EstateAgent组件mosConfig_absolute_path远程文件包含漏洞
EstateAgent是Mambo中的一个组件,允许小型地产公司和代理管理地产资料。 EstateAgent模块的/administrator/components/comestateagent/configuration.php脚本没有正确地验证mosConfigabsolutepath参数的输入,允许攻击者可以通过包含本地或外部资源的任意文件导致执行任意代码。成功攻击要求打开了registerglobals。 bits-dont-bite EstateAgent 1.0.2 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
estateagent.txt
Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - EstateAgent Attack method: Source: Don't allow direct linking defined 'VALIDMOS' or die 'Direct Access to this location is not allowed.' ; requireonce $mainframe-getPath...
Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion
source: https://www.securityfocus.com/bid/19625/info The Mambo EstateAgent component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and...
Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion
Mambo Component EstateAgent 1.0.2 - MosConfigabsolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/19625/info The Mambo EstateAgent component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit...
Mambo Component - EstateAgent Remote File Inclusion
Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - EstateAgent Attack method: Source: Don't allow direct linking defined 'VALIDMOS' or die 'Direct Access to this location is not allowed.' ; requireon...