EUVD-2009-0113

Malware in sbrugna...

EUVD-2009-0114

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in EZpack 4.2b2 allows remote attackers to inject arbitrary web script or HTML via the mdfd parameter in a prog action...

Sql injection

SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action...

CVE-2009-0104

SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action...

CVE-2009-0105

CVE-2009-0105 describes an XSS vulnerability in EZpack 4.2b2, where index.php is vulnerable via the mdfd parameter in a prog action. The issue allows remote attackers to inject arbitrary web script or HTML; CVSSv2 base score 4.3 (Medium) with Network access, no authentication, and partial integri...

CVE-2009-0104

CVE-2009-0104 affects EZpack 4.2b2, with a vulnerability in the index.php webboard action that allows SQL injection via the qType parameter. The underlying issue is in the handling of the qType input, enabling an attacker to run arbitrary SQL commands remotely. Documents consistently identify the...

ezPack 4.2b2 (XSS/SQL) Multiple Remote Vulnerabilities

No description provided by source. +++++++++++ EZpack XSS/SQL Vulnerability ++++++++++ ProDuct Name : EZpack Download : http://www2.se-ed.net/fatcoder/?mode=download Author : !-BUGJACK-! Site : www.it-dark.com ++ SQL http://localhost/ezPack/op=prog&mdfd=webboard&act=1&ID=1&qType=ID+SQL + XSS...