36 matches found
EUVD-2005-3508
Malware in sbrugna...
EUVD-2007-5943
Malware in sbrugna...
JPORTAL资源整合SQL注射漏洞三
简要描述: JPORTAL资源整合SQL注射漏洞三 详细说明: 突然发现大汉网络的JPORTAL资源整合系统在一般应用里面,SO... 我来了 文件路径: /pertoolsubsite/resource/resdetaillistajax.jsp?tagid=1 部分代码为: String tagid = Convert.getParameterrequest,"tagid"; String tagname = Convert.getParameterrequest,"tagname"; int isiteid= userEntity.getIsiteid; int linages =...
JPORTAL资源整合SQL注射漏洞
简要描述: JPORTAL资源整合SQL注射漏洞 详细说明: 突然发现大汉网络的JPORTAL资源整合系统在一般应用里面,SO... 我来了 文件路径: /pertoolsubsite/read/favoajaxforgen.jsp 部分代码为: else if"DO".equalsopr if !type.equals"11"||url.trim.length==0||paperTitle.trim.length==0 out.clear; out.print"false"; return; ArrayList list =...
JPortal 2.3.1 Banner.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13103/info JPortal is reportedly affected by an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
JPortal Web Portal 2.2.1/2.3.1 news.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitation could result in a...
JPortal Web Portal 2.2.1/2.3.1 comment.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitation could result in a...
JPortal 2.2.1 Print.php SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10430/info JPortal is reportedly affected by a remote SQL injection vulnerability in the print.inc.php script. This issue is due to a failure of the application to properly sanitize user-supplied URI input before using it...
JPortal 2.2.1/2.3.1 Download.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14926/info JPortal is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resu...
jPORTAL 2 SQL Injection
Exploit Title: jPORTAL 2 SQL Injection Vulnerabilitiy Google Dork: "powered by jPORTAL 2" Date: 8/12/2011 Author: H4ckCity Security Team Discovered By: farbodmahini Home: WwW.H4ckCity.Org Software Link: http://jportal2.com/ Version: All Version Security Risk::High Tested on: GNU/Linux Ubuntu -...
jPortal 'humor.php' SQL注入漏洞
BUGTRAQ ID: 31274 CNCAN ID:CNCAN-2008092309 jPortal是一款基于PHP的WEB应用程序。 jPortal不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于'humor.php'脚本对用户提交给'id'参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 JPortal 2 目前没有解决方案提供: http://www.jportal.info/downloadjportal.php...
jPORTAL 2.3.1 & UserPatch (forum.php) Remote Code Execution Exploit
No description provided by source. ?php jPORTAL 2.3.1 & UserPatch forum.php Remote PHP Code Execution Exploit author: irk4zatyahoo.pl http://irk4z.wordpress.com dorks: "powered by jPORTAL 2 & UserPatch" "powered by jPORTAL 2" greetz: str0ke, wacky, polish under :...
CVE-2007-5974
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter...
CVE-2007-5973
CVE-2007-5973 concerns a SQL injection vulnerability in the Articles module of JPortal 2.3.1 and earlier. The flaw allows remote attackers to manipulate the underlying SQL query via the topic parameter, potentially enabling arbitrary SQL execution. The available descriptions confirm the affected ...
JPortal Articles.PHP SQL注入漏洞
JPortal是一款基于PHP的WEB应用程序。 JPortal不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是'Articles.PHP'脚本对用户提交的'topic'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 JPortal 2.3.1 目前没有详细解决方案提供: http://www.jportal.info/downloadjportal.php...
jPORTAL <= 2.3.1 articles.php Remote SQL Injection Vulnerability
No description provided by source. Title:jPORTAL = 2.3.1 and Remote SQL Injection Vulnerability Dork: intext:"jPORTAL 2" & inurl:"articles.php?topic=" Autor: Alexsize E-Mail: [email protected] Site: Antichat.ru articles.php?topic=-3+union+select+1,pass,3,4,5+from+admins/ Vuln code: function...
jPORTAL 2.3.1 - articles.php SQL Injection
jPORTAL 2.3.1 - articles.php SQL Injection Title:jPORTAL ='.$r'title'.''; C уважением, Alexsize. milw0rm.com 2007-11-09...
jPORTAL 2.3.1 - 'articles.php' SQL Injection
Title:jPORTAL ='.$r'title'.''; C уважением, Alexsize. milw0rm.com 2007-11-09...
jPORTAL <= 2.3.1 articles.php Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ jPORTAL '.$r'title'.''; 0day.today 2018-01-10...
CVE-2005-3509
Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via 1 banner.php or the id parameter to 2 print.php, 3 comment.php, and 4 news.php...