Sql injection

Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...

CVE-2010-4974

SQL injection vulnerability in info.php in BrotherScripts BS and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4974

CVE-2010-4974 describes an SQL injection in info.php for BrotherScripts (BS) and ScriptsFeed Auto Dealer. The vulnerability allows remote attackers to inject SQL commands through the id parameter, with a network attack vector and low complexity, resulting in partial confidentiality, integrity, an...

CMS Faethon 'info.php' SQL Injection Vulnerability

CMS Faethon is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2009-5094

SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter...

CVE-2009-5094

SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter...

CVE-2009-5094

CMS Faethon 2.2.0 Ultimate is affected by an SQL Injection vulnerability in the file info.php triggered via the item parameter. The root cause is improper handling of user-supplied input, allowing an attacker to send crafted SQL statements that may be executed by the database. Impact per sources ...

cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability cgcraft llc info.php?id newsitem.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cgcraft.com/ Persian Gulf 4 Ever! Dork : "website by cgCraft llc"...

cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection

No description provided by source. IRANIAN THE BEST HACKERS IN THE WORLD \ Remote SQL injection Vulnerability cgcraft llc info.php?id newsitem.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cgcraft.com/ Persian Gulf 4 Ever! Dork :...

Travel411 - SQL Injection

===================================================================== . . . . | | ||/ | || | / / \ / /\ | | / | \ \ | |/ | \ / | || | // | / // | \ /\ | /|//|||| |\ | / /|| / Exploit-ID is the Indonesian Exploit Archive Web : exploit-id.com e-mail : rootatexploit-id.com Caddy-Dz , member...

Travel411 - SQL Injection

Travel411 - SQL Injection ===================================================================== . . . . | | ||/ | || | / / \ / /\ | | / | \ \ | |/ | \ / | || | // | / // | \ /\ | /|//|||| |\ | / /|| / Exploit-ID is the Indonesian Exploit Archive Web : exploit-id.com e-mail :...

CVE-2010-2905

SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts BS Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-2905

SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts BS Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-2905

CVE-2010-2905 is a SQL injection vulnerability affecting the ScriptsFeed and BrotherScripts (BS) Scripts Directory, exploitable via the id parameter in info.php and allowing remote execution of arbitrary SQL commands. The CVE has corroborating entries in multiple sources (NVD, CVE list, PRION) de...

CVE-2009-4961

CVE-2009-4961 affects Lanai Core 0.6. Affected component: info.php that calls phpinfo, enabling remote attackers to disclose configuration information. Impact is information disclosure (no integrity/availability impact stated). No remediation details are provided in the trusted documents; upgradi...

BS Scripts Directory - 'info.php' SQL Injection

Exploit Title: BS Script Directory remote SQL injection vulnerability Date: 15th july 2010 Author: D4rk357 Critical:high contact:d4rk357atyahoodotin Price : 24.95 $ Software Link:http://www.brotherscripts.com/productinfo.php?productsid=454 Greetz to :b0nd, Fbih2s,Beenu,rockey killer,The empty,...

CVE-2008-6655

Multiple cross-site scripting XSS vulnerabilities in GEDCOMTOMYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the 1 nombranche and 2 nom parameters to php/prenom.php; the 3 nombranche parameter to php/index.php; and the 4 nombranche, 5 nom, and 6 prenom parameters to...

CVE-2008-6225

CVE-2008-6225 concerns a SQL injection vulnerability in the Mole Group Airline Ticket Sale Script, specifically in info.php where the flight parameter can be exploited to execute arbitrary SQL commands. This is reported across multiple sources as a vulnerability allowing remote attackers to run a...

CVE-2008-6159

Content Management Made Easy (CMME) 1.19 is affected by an information disclosure vulnerability where a direct request to info.php invokes phpinfo, allowing remote attackers to obtain system information. The flaw is triggered by accessing the info.php entry point, and the underlying cause is the ...

CmsFaethon 2.2.0 (info.php item) SQL Command Injection Exploit

No description provided by source. !/usr/bin/perl |----------------------------------------------------------------------------------------------------------------------------------| | INFORMATIONS |...