28 matches found
EUVD-2004-1399
Malware in sbrugna...
EUVD-2006-4484
Malware in sbrugna...
EUVD-2006-4485
Malware in sbrugna...
IwebNegar 1.1 Comments.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19757/info IwebNegar is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
IWebNegar Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11946/info iWebNegar is reported prone to multiple SQL injection vulnerabilities, these issues exist due to a lack of sufficient boundary checks performed on user-supplied URI parameter data. These issues could...
IwebNegar Comments.PHP注入漏洞
IwebNegar是一款基于PHP的WEB应用程序。 IwebNegar不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是由于'Comments.PHP'脚本对用户提交的'id'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 iWebNegar iWebNegar 1.1 http://iwebnegar.co.sr/ http://www.example.com/comments.php?id=SQL Query...
iwebnegar11.txt
:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...
CVE-2006-4496
Cross-site scripting XSS vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...
CVE-2006-4497
SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-4497
SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-4497
CVE-2006-4497 describes an SQL injection in comments.php of IwebNegar 1.1 reachable via the id parameter. The vulnerability allows remote attackers to manipulate SQL commands, potentially impacting data confidentiality, integrity, and availability as indicated by the CVSS metrics (NVD: AV:N/AC:L/...
CVE-2006-4496
CVE-2006-4496 affects IwebNegar 1.1, with a cross-site scripting (XSS) vulnerability in comments.php exploitable via the comment parameter to inject arbitrary script/HTML. The NVD notes a MEDIUM severity (CVSSv2 base 4.3) and no authentication required, with user interaction not required but with...
IwebNegar v1.1 Multiple vulnerabilities
:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...
IwebNegar 1.1 - 'comments.php' SQL Injection
source: https://www.securityfocus.com/bid/19757/info IwebNegar is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...
IwebNegar 1.1 - comments.php SQL Injection
IwebNegar 1.1 - comments.php SQL Injection source: https://www.securityfocus.com/bid/19757/info IwebNegar is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker...
CVE-2004-1402
SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via 1 the string parameter for index.php, 2 comments.php, or 3 the administrator login page...
CVE-2004-1402
The CVE-2004-1402 entry concerns iWebNegar, a PHP web log application. The vulnerability is a SQL injection affecting multiple entry points: the string parameter for index.php, comments.php, and the administrator login page. The underlying cause is unsanitized input that allows attackers to injec...
iWebNegar 1.1 - Configuration Nullification Denial of Service
iWebNegar 1.1 - Configuration Nullification Denial of Service / iwebnegar 1.1 remote exploit c0ded by root / c0d3r " kaveh razavi ": [email protected] bug found by " hossein asgary " in simorgh-ev security team u rux hossein compile with Ms visual C++ the php version written by the bug finder...
iWebNegar Configuration Nullification Denial of Service Exploit
Exploit for unknown platform in category web applications =============================================================== iWebNegar Configuration Nullification Denial of Service Exploit =============================================================== / iwebnegar 1.1 remote exploit c0ded by root /...
iWebNegar Configuration Nullification Denial of Service Exploit
No description provided by source. / iwebnegar 1.1 remote exploit c0ded by root / c0d3r " kaveh razavi ": [email protected] bug found by " hossein asgary " in simorgh-ev security team u rux hossein compile with Ms visual C++ the php version written by the bug finder but still priv8 greetz : Lo...