21 matches found
EUVD-2007-0086
Malware in sbrugna...
EUVD-2006-3160
Malware in sbrugna...
EUVD-2008-2333
Malware in sbrugna...
IMGallery <= 2.5 Create Uploader Script Exploit
No description provided by source...
Sql injection
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 kategoria parameter to a galeria.php and the 2 idphot parameter to b popup/koment.php and c popup/opis.php in, different vectors than...
CVE-2008-2337
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 kategoria parameter to a galeria.php and the 2 idphot parameter to b popup/koment.php and c popup/opis.php in, different vectors than...
CVE-2008-2337
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 kategoria parameter to a galeria.php and the 2 idphot parameter to b popup/koment.php and c popup/opis.php in, different vectors than...
CVE-2008-2337
CVE-2008-2337 affects IMGallery 2.5, with multiple SQL injection vulnerabilities when magic_quotes_gpc is disabled. Exploitable via the (1) kategoria parameter to galeria.php and (2) id_phot parameter to popup/koment.php and popup/opis.php, per primary description. Connected records also link to ...
IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities
No description provided by source. Name : IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Conditions : magicquotesgpc = off ;/ Greetz : irk4z, GregStar, ZaBeaTy, d3d!k, CodersWorld, gathering and Avantura ;...
IMGallery 2.5 - Multiple SQL Injections
IMGallery 2.5 - Multiple SQL Injections Name : IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Conditions : magicquotesgpc = off ;/ Greetz : irk4z, GregStar, ZaBeaTy, d3d!k, CodersWorld, gathering and Avantura ;...
IMGallery 2.5 - Multiple SQL Injections
Name : IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Conditions : magicquotesgpc = off ;/ Greetz : irk4z, GregStar, ZaBeaTy, d3d!k, CodersWorld, gathering and Avantura ;...
CVE-2007-0082
usersadm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts...
CVE-2007-0082
usersadm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts...
CVE-2007-0082
This entry covers CVE-2007-0082 affecting IMGallery 2.5 and earlier. The vulnerability occurs in users_adm/start1.php where files with multiple extensions are not properly handled, allowing remote authenticated users to upload and execute arbitrary PHP scripts. The documented impact is partial co...
IMGallery Start.PHP任意文件上传漏洞
IMGallery是一款基于PHP的WEB应用程序。 IMGallery不正确过滤用户提交的输入,远程攻击者可以利用漏洞上传任意脚本以WEB权限执行任意命令。 问题是上传处理脚本对用户提交的扩展名缺少过滤,提交类似hauru.jpg.png.php之类的PHP,可绕过检查,以WEB权限执行任意PHP命令。 IMGallery IMGallery 2.5 目前没有解决方案提供: http://www.imgallery.zor.pl/ ? //Kacper Settings $exploitname = "IMGallery = 2.5 Create Uploader Script...
IMGallery <= 2.5 Create Uploader Script Exploit
No description provided by source. ? //Kacper Settings $exploitname = "IMGallery = 2.5 Create Uploader Script Exploit"; $scriptname = "IMGallery 2.5"; $scriptsite = "http://www.imgallery.zor.pl/"; $dork = '"Powered by IMGallery"'; // print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+...
IMGallery 2.5 - Create Uploader Script
IMGallery 2.5 - Create Uploader Script DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
IMGallery 2.5 - Create Uploader Script
DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
CVE-2006-3163
Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 start or 2 sort parameters...
CVE-2006-3163
Vulnerability (CVE-2006-3163): IMGallery 2.4 and earlier contain multiple SQL injection flaws in galeria.php. Remote attackers can execute arbitrary SQL commands via the (1) start or (2) sort parameters, potentially impacting data confidentiality and integrity depending on backend permissions.