39 matches found
EUVD-2007-0136
Malware in sbrugna...
EUVD-2007-0137
Malware in sbrugna...
EUVD-2006-5616
Malware in sbrugna...
EUVD-2006-5617
Malware in sbrugna...
iGeneric iG Shop 1.x Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12627/info iGeneric iG Shop is reportedly affected by multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using them in SQL queries...
IG Shop 1.4 Change_Pass.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20768/info iG Shop is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
No description provided by source. If eval is the answer, then you are asking the wrong question. --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval cart$action;;...
igshopdisp-sql.txt
|| | | iG Shop displayreview.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : WwW.Hussin-X.CoM | www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | script :...
igshop14-eval.txt
!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shop\n" unless @ARGV; $b =...
iG Shop 1.4 eval Inclusion Vulnerability
!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shopn" unless @ARGV; $b =...
Sql injection
SQL injection vulnerability in shop/page.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the typeid parameter, a different vector than CVE-2005-0537...
iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability
No description provided by source. Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...
iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= iG Shop 1.4 page.php Remote SQL Injection Vulnerability ========================================================= Discovered by: gsy & kerem125 Script Download:...
iG Shop 1.4 - page.php SQL Injection
iG Shop 1.4 - page.php SQL Injection Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...
CVE-2007-0134
Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in 1 cart.php and 2 page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1...
Sql injection
Multiple SQL injection vulnerabilities in displayreview.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 userlogincookie parameter...
CVE-2007-0132
SQL injection vulnerability in compareproduct.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in compareproduct.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-0133
Multiple SQL injection vulnerabilities in displayreview.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 userlogincookie parameter...
CVE-2007-0132
SQL injection vulnerability in compareproduct.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...