10 matches found
EUVD-2007-6636
Malware in sbrugna...
Sql injection
SQL injection vulnerability in loginform.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2007-6671
SQL injection vulnerability in loginform.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information...
CVE-2007-6671
SQL injection vulnerability in loginform.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information...
CVE-2008-0131
CVE-2008-0131 describes a Cross-site scripting (XSS) vulnerability in login_form.asp of Instant Softwares Dating Site, exploitable by remote attackers via the msg parameter. The description notes the vulnerability is in a different product than CVE-2006-6022 and that provenance is unknown with de...
CVE-2008-0130
SQL injection vulnerability in loginform.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2007-6671
CVE-2007-6671 is a SQL injection vulnerability in the login_form.asp of the Instant Softwares Dating Site. The flaw allows remote attackers to execute arbitrary SQL commands through the Password parameter (the description notes it is a different product than CVE-2006-6021). Other connected source...
CVE-2008-0130
The CVE-2008-0130 entry documents a SQL injection vulnerability in Instant Softwares Dating Site, specifically in login_form.asp. The issue allows remote attackers to execute arbitrary SQL commands via the Username parameter (per the CVE description), and is identified alongside related entries s...
CVE-2008-0131
Cross-site scripting XSS vulnerability in loginform.asp in Instant Softwares Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different product than CVE-2006-6022. NOTE: the provenance of this information is unknown; the details are obtained sole...
Instant Softwares DatingSite SQL Injection
Aria-Security Team, http://Aria-Security.net ------------------------------- Shout Outs: AurA, imm02tal Vendor: http://www.instantsoftwares.com/pddatingsite.asp Google search: Home Dating Tips Join Now Member Login Gallery Blog Chat Room About Us Contact Us Username: Admin OR WHOEVER YOU WANT!...