EUVD-2006-3232

Malware in sbrugna...

EUVD-2006-3231

Malware in sbrugna...

[SA20901] FineShop Cross-Site Scripting and SQL Injection

---------------------------------------------------------------------- Reverse Engineer Wanted Secunia offers a Security Specialist position with emphasis on reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports...

CVE-2006-3234

Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 produkt, 2 idproduc, and 3 idkat parameters...

CVE-2006-3235

Multiple cross-site scripting XSS vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 promocja, 2 wysw, or 3 idproduc parameters...

CVE-2006-3234

CVE-2006-3234 affects FineShop 3.0 and earlier. The vulnerability arises from multiple SQL injection flaws in index.php, exploitable via the parameters (1) produkt, (2) id_produc, and (3) id_kat, allowing remote attackers to execute arbitrary SQL commands. The sources consistently describe these ...

CVE-2006-3235

Multiple cross-site scripting XSS vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 promocja, 2 wysw, or 3 idproduc parameters...

CVE-2006-3235

This CVE refers to multiple cross-site scripting (XSS) flaws in index.php of FineShop 3.0 and earlier. The vulnerabilities allow remote attackers to inject arbitrary script or HTML via the parameters (1) promocja, (2) wysw, or (3) id_produc. Affected product: FineShop 3.0 and earlier (web applica...

CVE-2006-3234

Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 produkt, 2 idproduc, and 3 idkat parameters...