EUVD-2007-1832

Malware in sbrugna...

secure.friendfinder.com XSS vulnerability

Vulnerable URL: https://secure.friendfinder.com/p/register.cgi?city=%22%3E%3Cimg%20src=x%20onerror=prompt%27OPENBUGBOUNTY%27%3E/regpage/1 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated V...

XOOPS Module Friendfinder SQL Injection (CVE-2007-1838)

An SQL injection vulnerability has been reported in Xoops Friendfinder Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2007-1838

CVE-2007-1838 describes an SQL injection in the Friendfinder module for XOOPS (version 3.3 and earlier) . The vulnerability affects the view.php component, where an attacker can manipulate the id parameter to execute arbitrary SQL commands on the back-end database. The provided documents confirm ...

XOOPS Module Friendfinder 3.3 - view.php?id SQL Injection

XOOPS Module Friendfinder 3.3 - view.php?id SQL Injection !/usr/bin/perl Script Name: Xoops Module Friendfinder : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ;...

XOOPS Module Friendfinder 3.3 - 'view.php?id' SQL Injection

!/usr/bin/perl Script Name: Xoops Module Friendfinder : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

XOOPS Module Friendfinder <= 3.3 (view.php id) SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== XOOPS Module Friendfinder : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR...