2 matches found
Hive 2.0 RC2 XSS / Code Execution / SQL Injection
| Title : Hive v2.0 RC2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : "Powered by DigitalHive" | Tested on: windows 8.1 Français V.Pro | Bug : Stop Script | Download : http:///www.digitalhive.com ======================================= Stop SCript working :...
CVE-2008-0290
Affected software: Digital Hive 2.0 RC2 and earlier. The CVE describes two SQL injection vectors: (1) via the selectskin parameter to an unspecified program, allowing remote execution of arbitrary SQL commands; (2) via the user_id parameter in gestione_membre.php to base.php, allowing remote auth...