14 matches found
EUVD-2008-6709
Malware in sbrugna...
EUVD-2008-6710
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...
CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...
Unrestricted file upload
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/...
CVE-2008-6750
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/...
CVE-2008-6750
CVE-2008-6750 affects FlexPHPDirectory 0.0.1, where add.php allows unrestricted file uploads. An attacker can upload a file with an executable extension and then access it directly under photo/ to execute code remotely. The underlying issue is unrestricted upload handling in the web application, ...
CVE-2008-6749
CVE-2008-6749 affects FlexPHPDirectory 0.0.1. Multiple SQL injection vulnerabilities exist in admin/usercheck.php when magic_quotes_gpc is disabled, allowing remote attackers to injected arbitrary SQL via the checkuser and checkpass parameters. The issue is documented with an NVD entry and multip...
CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...
FlexPHPDirectory 0.0.1 SQL Injection
Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...
FlexPHPDirectory 0.0.1 - Authentication Bypass
FlexPHPDirectory 0.0.1 - Authentication Bypass Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from...
FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ FlexPHPDirectory 0.0.1 Auth Bypass SQL Injection Vulnerability ================================================================ Autore: x0r Cms: Flexphpdiren Version: 0.0.1...
FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin...
FlexPHPDirectory 0.0.1 - Authentication Bypass
Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...