EUVD-2008-0292

Malware in sbrugna...

ID-Commerce 2.0 'liste.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27220/info ID-Commerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

Sql injection

SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter...

CVE-2008-0281

SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter...

CVE-2008-0281

CVE-2008-0281 is a SQL injection vulnerability in liste.php of ID-Commerce 2.0 and earlier, where the idFamille parameter allows remote attackers to execute arbitrary SQL commands. The public records identify the affected component as ID-Commerce 2.0 (and earlier) with a likely input vector via i...

ID-Commerce 'liste.php' SQL注入漏洞

BUGTRAQ ID: 27220 CNCAN ID:CNCAN-2008011404 ID-Commerce是一款基于PHP的WEB应用程序。 ID-Commerce不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于'liste.php'脚本对用户提交的WEB参数处理缺少充分过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 ID-Commerce 2.0 厂商解决方案 目前没有解决方案提供： http://www.id-commerce.com/...

[Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001

Blind SQL injection : google : inurl:'liste.php?idFamille=' http://URL/liste.php?idFamille=120or201=1 http://URL/liste.php?idFamille=120or201=0...

[Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001

ID-Commerce Security Advisory - SLR-2007-001 +------------------------------------------------------------------------+ | Product | ID-Commerce | |--------------------+---------------------------------------------------| | Summary | SQL Injection Vulnerabilities |...

ID-Commerce 2.0 - liste.php SQL Injection

ID-Commerce 2.0 - liste.php SQL Injection source: https://www.securityfocus.com/bid/27220/info ID-Commerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

ID-Commerce 2.0 - 'liste.php' SQL Injection

source: https://www.securityfocus.com/bid/27220/info ID-Commerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

[Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001

Blind SQL injection : check : inurl:'liste.php?idFamille=' http://URL/liste.php?idFamille=120or201=1 http://url/liste.php?idFamille=120or201=1 http://URL/liste.php?idFamille=120or201=0 http://url/liste.php?idFamille=120or201=0...