4 matches found
EUVD-2006-4451
Malware in sbrugna...
Old Y article management system of the injection 0day-vulnerability warning-the black bar safety net
Magic springsB. S. N. hacking Defense Vulnerability rating: moderate Vulnerability description: The vulnerability appears in the js. asp, we first look at the source code. Code: If CheckStrRequest"ClassNo" "" then ClassNo = splitCheckStrRequest"ClassNo","|" 'Here is to get the variable using...
JetStat JS ASP Faq Manager SQL注入漏洞
JetStat JS ASP Faq Manager是一款基于PHP的FAQ管理程序。 JetStat JS ASP Faq Manager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是由于多个脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 JetStat JS ASP Faq Manager 1.10 http://www.jetstat.com/asp/faq/...
CVE-2006-4463
CVE-2006-4463 : SQL injection vulnerability in the administrator control panel of Jetstat.com JS ASP Faq Manager 1.10 and earlier, allowing remote attackers to execute arbitrary SQL commands through the pwd parameter (.password field). Connected records also show a related, different-vector CVE-2...