EUVD-2009-2105

Malware in sbrugna...

EUVD-2009-2109

Malware in sbrugna...

FretsWeb 1.2 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! --...

Fretsweb <= 1.2 Multiple LFI Vulnerabilities

Fretsweb is prone to multiple local file include LFI vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Fretsweb Multiple Local File Include Vulnerabilities

Fretsweb is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. Thi...

FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities

---------------------------------------------------------------------------------------------- | MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES | |--------------------------------------------------------------------------------------------| | | FretsWeb 1.2 | | | CMS INFORMATION:...

FretsWeb 1.2 &#40;name&#41; Remote Blind SQL Injection Exploit

!/usr/bin/python || || || ----------------------------------------- == -- ----------- ---------------------------- ------------------/ VIVA SPAIN!... GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANIS...

MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --FretsWeb 1.2--&gt;

---------------------------------------------------------------- MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --FretsWeb 1.2-- ---------------------------------------------------------------- CMS INFORMATION: --WEB: http://sourceforge.net/projects/fretsweb/ --DOWNLOAD:...

&#40;GET var &#39;name&#39;&#41; BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2--&gt;

!/usr/bin/python ---------------------------------------------------------------- GET var 'name' BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2-- ---------------------------------------------------------------- CMS INFORMATION: --WEB: http://sourceforge.net/projects/fretsweb/ --DOWNLOAD:...

Sql injection

Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 name parameter to player.php and the 2 hash parameter to song.php...

CVE-2009-2109

Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote attackers to read arbitrary files via directory traversal sequences in the 1 language parameter to charts.php and the 2 fretsweblanguage cookie parameter to unspecified vectors, possibly related to admin/common.php...

Directory traversal

Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote attackers to read arbitrary files via directory traversal sequences in the 1 language parameter to charts.php and the 2 fretsweblanguage cookie parameter to unspecified vectors, possibly related to admin/common.php...

CVE-2009-2113

Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 name parameter to player.php and the 2 hash parameter to song.php...

CVE-2009-2109

Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote attackers to read arbitrary files via directory traversal sequences in the 1 language parameter to charts.php and the 2 fretsweblanguage cookie parameter to unspecified vectors, possibly related to admin/common.php...

CVE-2009-2113

FretsWeb 1.2 is affected by multiple SQL injection vulnerabilities exploitable via the name parameter to player.php and the hash parameter to song.php. The underlying issue is unsafe handling of these inputs that allows arbitrary SQL execution. Potential impact is remote arbitrary SQL commands; e...

CVE-2009-2109

CVE-2009-2109 affects FretsWeb 1.2. Multiple directory traversal vulnerabilities allow remote attackers to read arbitrary files via the language parameter to charts.php and the fretsweb_language cookie parameter to unspecified vectors, possibly related to admin/common.php. Root cause: improper ha...

CVE-2009-2113

Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 name parameter to player.php and the 2 hash parameter to song.php...

PT-2009-4565 · Fretsweb · Fretsweb

Name of the Vulnerable Software and Affected Versions: FretsWeb version 1.2 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the name parameter to "player.php" and the hash parameter to "song.php". Recommendations: For FretsWeb version 1.2...

PT-2009-4561 · Fretsweb · Fretsweb

Name of the Vulnerable Software and Affected Versions: FretsWeb version 1.2 Description: The issue allows remote attackers to read arbitrary files due to multiple directory traversal vulnerabilities. This is achieved through directory traversal sequences in the language parameter to "charts.php"...

FretsWeb 1.2 - name Blind SQL Injection

FretsWeb 1.2 - name Blind SQL Injection !/usr/bin/python || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ VIVA SPAIN!... GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANISH!...