Hot Links SQL-PHP - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29632/info Hot Links SQL-PHP is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

Hot Links SQL-PHP 'news.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31118/info Hot Links SQL-PHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

[eVuln.com] report.cgi SQL inj in Hot Links SQL (CGI version)

New eVuln Advisory: report.cgi SQL inj in Hot Links SQL http://evuln.com/vulns/141/summary.html -----------Summary----------- eVuln ID: EV0141 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developers PoC:...

[eVuln.com] Cookie Auth Bypass in Hot Links SQL

New eVuln Advisory: Cookie Auth Bypass in Hot Links SQL http://evuln.com/vulns/140/summary.html ----------------------- Summary ------------------------- eVuln ID: EV0140 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: high Type: Authentication Bypass Status: Unpatched. ...

Hot Links SQL report.cgi SQL Injection

New eVuln Advisory: report.cgi SQL inj in Hot Links SQL http://evuln.com/vulns/141/summary.html -----------Summary----------- eVuln ID: EV0141 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developers PoC:...

Hot Links SQL 3.2 - 'report.cgi' SQL Injection

source: https://www.securityfocus.com/bid/45000/info Hot Links SQL is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

Hot Links SQL 3.2.0 Administrative Bypass

New eVuln Advisory: Cookie Auth Bypass in Hot Links SQL http://evuln.com/vulns/140/summary.html ----------------------- Summary ------------------------- eVuln ID: EV0140 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: high Type: Authentication Bypass Status: Unpatched. ...

CVE-2008-7120

SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter...

CVE-2008-7121

CVE-2008-7121 describes an XSS vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier, where remote attackers can inject arbitrary web script or HTML through the search bar. The affected component is the SQL-PHP-based search functionality in the product, with exploitation relying on imprope...

MRCGIGUY Hot Links SQL 3.2.0 Insecure Cookie Handling Vuln

No description provided by source. --------------------------------------------------------------- --------------------------------------------------------------- Hot Links SQL / Hot Links SQL-PHP Version 3.2.0 Insecure Cookie Handling Vulnerability...

MRCGIGUY Hot Links SQL 3.2.0 Insecure Cookie Handling Vuln

Exploit for unknown platform in category web applications ========================================================== MRCGIGUY Hot Links SQL 3.2.0 Insecure Cookie Handling Vuln ========================================================== --------------------------------------------------------------...

MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling

MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling --------------------------------------------------------------- --------------------------------------------------------------- Hot Links SQL / Hot Links SQL-PHP Version 3.2.0 Insecure Cookie Handling Vulnerability...

MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling

--------------------------------------------------------------- --------------------------------------------------------------- Hot Links SQL / Hot Links SQL-PHP Version 3.2.0 Insecure Cookie Handling Vulnerability --------------------------------------------------------------- Founder : TiGeR-Dz...

CVE-2008-4379

Cross-site scripting XSS vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2008-4379

CVE-2008-4379 is a cross-site scripting (XSS) vulnerability impacting report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via the id parameter, as described in the NVD entry. The reported impact is partial confidenti...

hotlinks-sql.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu ---QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE and all darkc0de members ---...

Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities

No description provided by source. /\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ \ \ \ \ /',\ \ \ \ \ \ \ \ /\ /'\ /'\ \ \ \ /\ ,\ /, \ \ \ \ ,\ \ \ \ \ // / // /\//\///\/\ \ \/\ // // // //////// //// security breakd0wn! Title: Hot Links SQL-PHP 3 report.php Multiple...

Hot Links SQL-PHP 3 - report.php Multiple Vulnerabilities

Hot Links SQL-PHP 3 - report.php Multiple Vulnerabilities /\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ \ \ \ \ /',\ \ \ \ \ \ \ \ /\ /'\ /'\ \ \ \ /\ ,\ /, \ \ \ \ ,\ \ \ \ // / // /\//\///\/\ \ \/\ // // // //////// //// security breakd0wn! Title: Hot Links SQL-PHP 3...

CVE-2005-4041

Cross-site scripting XSS vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2005-4041

CVE-2005-4041 describes a cross-site scripting (XSS) vulnerability in the search.cgi component of MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x. The issue arises from injecting arbitrary script/HTML via the query string, enabling an attacker to trigger client-side code in affected users’...