EUVD-2013-6973

Malware in sbrugna...

EUVD-2013-6972

Malware in sbrugna...

iScripts AutoHoster 3.0 - siteid SQL Injection

iScripts AutoHoster 3.0 - siteid SQL Injection Exploit Title: iScripts AutoHoster v3.0 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/autohoster/ Demo: http://www.demo.iscripts.com/autohoster/demo/ Version:...

iScripts AutoHoster 3.0 - 'siteid' SQL Injection

Exploit Title: iScripts AutoHoster v3.0 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/autohoster/ Demo: http://www.demo.iscripts.com/autohoster/demo/ Version: 3.0 Tested on: Win7 x64, Kali Linux x64 Exploit...

iScripts AutoHoster <= 2.4 Multiple Vulnerabilities

iScripts AutoHoster is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-7190

Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the 1 tmpid parameter to websitebuilder/showtemplateimage.php, 2 fname parameter to admin/downloadfile.php, or 3 id parameter to support/admin/csvdownload.php; or ...

CVE-2013-7189

Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to execute arbitrary SQL commands via the cmbdomain parameter to 1 checktransferstatus.php, 2 checktransferstatusbck.php, or 3 additionalsettings.php; or 4 invno parameter to payinvoiceothers.php...

Directory traversal

Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the 1 tmpid parameter to websitebuilder/showtemplateimage.php, 2 fname parameter to admin/downloadfile.php, or 3 id parameter to support/admin/csvdownload.php; or ...

Sql injection

Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to execute arbitrary SQL commands via the cmbdomain parameter to 1 checktransferstatus.php, 2 checktransferstatusbck.php, or 3 additionalsettings.php; or 4 invno parameter to payinvoiceothers.php...

CVE-2013-7190

CVE-2013-7190 describes multiple directory traversal vulnerabilities affecting iScripts AutoHoster (likely &lt;= 2.4). The issues allow remote attackers to read arbitrary files through 1) websitebuilder/showtemplateimage.php (tmpid), 2) admin/downloadfile.php (fname), 3) support/admin/csvdownload...

CVE-2013-7190

Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the 1 tmpid parameter to websitebuilder/showtemplateimage.php, 2 fname parameter to admin/downloadfile.php, or 3 id parameter to support/admin/csvdownload.php; or ...

CVE-2013-7189

CVE-2013-7189 : iScripts AutoHoster ≤ 2.4 contains multiple SQL injection vulnerabilities. An attacker can exploit the cmbdomain parameter in checktransferstatus.php, checktransferstatusbck.php, or additionalsettings.php, or the invno parameter in payinvoiceothers.php, to execute arbitrary SQL co...

CVE-2013-7189

Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to execute arbitrary SQL commands via the cmbdomain parameter to 1 checktransferstatus.php, 2 checktransferstatusbck.php, or 3 additionalsettings.php; or 4 invno parameter to payinvoiceothers.php...

iScripts AutoHoster PHP Code Injection Vulnerability

iScripts AutoHoster suffers from file disclosure, PHP code injection, file disclosure, and remote SQL injection vulnerabilities. ?php / + iScripts AutoHoster + Multiple vulnerabilities , PHP Code injection Exploit + Author : i-Hmx + email protected + sec4ever.com , 1337s.cc I.Sql Injection Vuln...

iScripts AutoHoster - &#039;checktransferstatus.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...

iScripts AutoHoster - id Local File Inclusion

iScripts AutoHoster - id Local File Inclusion source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the...

iScripts AutoHoster - tmpid Local File Inclusion

iScripts AutoHoster - tmpid Local File Inclusion source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the...

iScripts AutoHoster - &#039;id&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...

iScripts AutoHoster - &#039;additionalsettings.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...

iScripts AutoHoster - &#039;invno&#039; SQL Injection

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...