10 matches found
EUVD-2008-1305
Malware in sbrugna...
Hadith Deutsch - Corrupted files, External URLs, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Hadith Deutsch published at the 'play' market has multiple vulnerabilities...
PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28171/info The Hadith module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
CVE-2008-1298
SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php...
CVE-2008-1298
CVE-2008-1298 describes a SQL injection in the Hadith module for PHP-Nuke, exploitable via the cat parameter in a viewcat action to modules.php. The underlying root cause is unsafely concatenated SQL that allows remote attackers to alter or disclose database data. The NVD entry lists a CVSS v2 ba...
phpnukehadith-sql.txt
R B T - 4 C R E W www.rbt-4.net ----------------------------------------------- AUTHOR : Lovebug PHP-Nuke Module "Hadith" cat Sql injection Original Advisory: http://www.rbt-4.net/forum/viewthread.php?forumid=51&threadid=3078 Exploit...
PHP-Nuke Hadith 'cat' SQL注入漏洞
BUGTRAQ ID: 28171 CNCAN ID:CNCAN-2008031111 PHP-Nuke Hadith是一款基于PHP的WEB应用程序。 PHP-Nuke Hadith不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于脚本对用户提交的'cat'参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Kemas Yunus Antonius Sunnah and Hadith 目前没有详细解决方案提供:...
PHP-Nuke Hadith Module - cat SQL Injection
PHP-Nuke Hadith Module - cat SQL Injection source: https://www.securityfocus.com/bid/28171/info The Hadith module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...
PHP-Nuke SQL injection Module "Hadith" [cat]
R B T - 4 C R E W www.rbt-4.net ----------------------------------------------- AUTHOR : Lovebug PHP-Nuke Module "Hadith" cat Sql injection Original Advisory: http://www.rbt-4.net/forum/viewthread.php?forumid=51&threadid=3078 Exploit...
PHP-Nuke Hadith Module - 'cat' SQL Injection
source: https://www.securityfocus.com/bid/28171/info The Hadith module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...