42 matches found
EUVD-2005-4298
Malware in sbrugna...
EUVD-2007-0590
Malware in sbrugna...
EUVD-2005-4297
Malware in sbrugna...
EUVD-2006-0222
Malware in sbrugna...
EUVD-2005-4299
Malware in sbrugna...
EUVD-2006-0322
Malware in sbrugna...
ezDatabase 2.1.2 index.php db_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL injection...
EZDatabase 2.1.1 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16257/info EZDatabase is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
ezDatabase 2.1.2 index.php p Parameter Local File Inclusion
No description provided by source...
EZDatabaseRemote 2.0 PHP Script Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16237/info ezDatabase is prone to a remote PHP script code execution vulnerability. An attacker can exploit this issue to execute arbitrary malicious PHP code and execute it in the context of the Web server process. These...
Cross site scripting
Cross-site scripting XSS vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database...
CVE-2007-0592
CVE-2007-0592 is an XSS vulnerability in EzDatabase 2.1.3. The affected component is EzDatabase’s admin/login.php and the Admin Panel Database, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD entry indicates a CVSSv2 base score of 6.8 (Medium) wit...
CVE-2007-0592
Cross-site scripting XSS vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database...
EzDatabase Multiple Cross-Site Scripting Vulnerability
EzDatabase Multiple Cross-Site Scripting Vulnerability Written in PHP and MySQL, ezDatabase is the foundation for your online databases. It is a powerful web based application that allows users with basic HTML knowledge to create online databases for their website. ezDatabase will do the hard wor...
Update Protection against ezDatabase Remote File Inclusion Vulnerability
ezDatabase is a Web based application designed for creating online databases. A vulnerability in ezDatabase allows remote attackers to execute arbitrary PHP code via several parameters. Attackers may be able to disclose sensitive information and compromise an affected system...
EZDatabase 2.0 - 'db_id' Remote Command Execution
!/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id: cijfer-ezdbxpl.pl,v 0.1 2006/01/21 019:22:00 cijfer Exp ...
ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ========================================================== ezDatabase All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id: cijfer-ezdbxpl.pl,v 0.1 2006/01/21 019:22:00...
EZDatabase.txt
Synopsis: EZDatabase directory transversal, XSS and path disclosure vulnerability Product: EZDatabase http://www.ezdatabase.org Version: Confirmed on EZDatabase 2.1.2 Author: Josh Zlatin-Amishav Date: January 15, 2006 Background: Written in PHP and MySQL, ezDatabase is the foundation for your...
Directory traversal
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting XSS and path disclosure...
CVE-2006-0315
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting XSS and path disclosure...