29 matches found
EUVD-2008-6219
Malware in sbrugna...
EUVD-2008-6218
Malware in sbrugna...
EUVD-2008-2694
Malware in sbrugna...
EUVD-2008-2693
Malware in sbrugna...
EUVD-2008-6078
Malware in sbrugna...
Galatolo Web Manager <= 1.0 - Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Portal : Galatolo WebManager 1.0 exploit aported password crypted exploit tatjibe password mcrypté :d mgharba :d:d:d:d Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & Simo64 & iuoisn & All muslims...
CVE-2008-6300
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Authentication flaw
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6300
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6300
Galatolo WebManager 1.3a is affected by an authentication bypass vulnerability. CVE-2008-6300 allows remote attackers to gain administrative access by setting the gwm_user and gwm_pass cookies to admin. Root cause described as cookie-based auth bypass; no explicit exploit code or in-the-wild deta...
Cross site scripting
Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...
Sql injection
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6248
Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6248
This entry relates to CVE-2008-6248, a Cross-site Scripting (XSS) vulnerability affecting Galatolo WebManager 1.3a and earlier. The issue is in all.php, with the tag parameter enabling remote attackers to inject arbitrary web script or HTML. Affected component: all.php in Galatolo WebManager; roo...
CVE-2008-6249
CVE-2008-6249 affects Galatolo WebManager (v1.3a and earlier). The vulnerability is in plugins/users/index.php and allows remote attackers to inject SQL via the id parameter, enabling execution of arbitrary SQL commands. The available records do not provide a confirmed patch version or remediatio...
CVE-2008-6108
Cross-site scripting XSS vulnerability in result.php in Galatolo WebManager GWM 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in result.php in Galatolo WebManager GWM 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter...
CVE-2008-6108
Cross-site scripting XSS vulnerability in result.php in Galatolo WebManager GWM 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter...