EUVD-2008-6709

Malware in sbrugna...

EUVD-2008-6710

Malware in sbrugna...

CVE-2008-6749

Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...

Unrestricted file upload

Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/...

Sql injection

Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...

CVE-2008-6750

Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/...

CVE-2008-6749

Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...

CVE-2008-6750

CVE-2008-6750 affects FlexPHPDirectory 0.0.1, where add.php allows unrestricted file uploads. An attacker can upload a file with an executable extension and then access it directly under photo/ to execute code remotely. The underlying issue is unrestricted upload handling in the web application, ...

CVE-2008-6749

CVE-2008-6749 affects FlexPHPDirectory 0.0.1. Multiple SQL injection vulnerabilities exist in admin/usercheck.php when magic_quotes_gpc is disabled, allowing remote attackers to injected arbitrary SQL via the checkuser and checkpass parameters. The issue is documented with an NVD entry and multip...

FlexPHPDirectory 0.0.1 SQL Injection

Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...

FlexPHPDirectory 0.0.1 - Authentication Bypass

FlexPHPDirectory 0.0.1 - Authentication Bypass Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from...

FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ FlexPHPDirectory 0.0.1 Auth Bypass SQL Injection Vulnerability ================================================================ Autore: x0r Cms: Flexphpdiren Version: 0.0.1...

FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin...

FlexPHPDirectory 0.0.1 - Authentication Bypass

Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpdiren Version: 0.0.1 Download: http://www.china-on-site.com/flexphpdir/ Bug In \admin\usercheck.php 'n' \add.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...