EUVD-2009-3290

Malware in sbrugna...

HTB23017: XSS in FanUpdate

Vulnerability ID: HTB23017 Reference: http://www.htbridge.ch/advisory/xssinfanupdate.html Product: FanUpdate Vendor: fanupdate.co.uk http://fanupdate.co.uk/ Vulnerable Version: 3.0 and probably prior Tested on: 3.0 Vendor Notification: 01 June 2011 Vulnerability Type: XSS Cross Site Scripting Ris...

FanUpdate 3.0 Cross Site Scripting

Vulnerability ID: HTB23017 Reference: http://www.htbridge.ch/advisory/xssinfanupdate.html Product: FanUpdate Vendor: fanupdate.co.uk http://fanupdate.co.uk/ Vulnerable Version: 3.0 and probably prior Tested on: 3.0 Vendor Notification: 01 June 2011 Vulnerability Type: XSS Cross Site Scripting Ris...

FanUpdate 3.0 - pageTitle Cross-Site Scripting

FanUpdate 3.0 - pageTitle Cross-Site Scripting source: https://www.securityfocus.com/bid/48392/info FanUpdate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...

FanUpdate 3.0 - 'pageTitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48392/info FanUpdate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

Cross-site Scripting (XSS) Vulnerability in FanUpdate

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FanUpdate which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in FanUpdate The vulnerability exists due to input sanitation error in the "pageTitle" parameter in...

CVE-2009-3308

SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...

Sql injection

SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...

CVE-2009-3308

FanUpdate 2.2.1 is affected by CVE-2009-3308: show-cat.php is vulnerable to SQL injection via the listingid parameter, enabling remote attackers to run arbitrary SQL commands. The NVD entry lists a base score of 7.5 (HIGH) with network vector and low complexity. No explicit remediation in the pro...

CVE-2009-3308

SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...

FanUpdate 2.2.1 (show-cat.php listingid) SQL Injection Vuln

No description provided by source. Author : InSecurity Romania Website : https://insecurity.ro Vulnerable script : FanUpdate 2.2.1 - Explanation See show-cat.php file ----------------------------------------------------------------------------------------------- if !isset$listingid exit;...

FanUpdate 2.2.1 SQL Injection

Author : InSecurity Romania Website : https://insecurity.ro Vulnerable script : FanUpdate 2.2.1 - Explanation See show-cat.php file ----------------------------------------------------------------------------------------------- if !isset$listingid exit; requireonce'blog-config.php';...

FanUpdate 2.2.1 - show-cat.php SQL Injection

FanUpdate 2.2.1 - show-cat.php SQL Injection Author : InSecurity Romania Website : https://insecurity.ro Vulnerable script : FanUpdate 2.2.1 - Explanation See show-cat.php file ----------------------------------------------------------------------------------------------- if !isset$listingid exit...

FanUpdate 2.2.1 - 'show-cat.php' SQL Injection

Author : InSecurity Romania Website : https://insecurity.ro Vulnerable script : FanUpdate 2.2.1 - Explanation See show-cat.php file ----------------------------------------------------------------------------------------------- if !isset$listingid exit; requireonce'blog-config.php';...

FanUpdate 2.2.1 show-cat.php SQL Injection Vulnerability

No description provided by source. Author : InSecurity Romania Website : https://insecurity.ro Vulnerable script : FanUpdate 2.2.1 - Explanation See show-cat.php file ----------------------------------------------------------------------------------------------- if !isset$listingid exit;...

FanUpdate 2.2.1 (show-cat.php listingid) SQL Injection Vuln

Exploit for unknown platform in category web applications =========================================================== FanUpdate 2.2.1 show-cat.php listingid SQL Injection Vuln =========================================================== Author : InSecurity Romania Website : https://insecurity.ro...