EUVD-2018-21669

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

CVE-2018-25205

CVE-2018-25205 concerns ASP.NET jVideo Kit 1.0, where a vulnerability in the search functionality allows unauthenticated SQL injection via the query parameter in the /search endpoint. Attackers can submit malicious payloads through GET or POST requests to extract sensitive database information us...

CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

Mediasoftpro ASP.NET jVideo Kit SQL注入漏洞

Mediasoftpro ASP.NET jVideo Kit is a video management and publishing component suite developed by Mediasoftpro. Version 1.0 of Mediasoftpro ASP.NET jVideo Kit contains a SQL injection vulnerability, which stems from insufficient validation of query parameter inputs, potentially allowing SQL...

EUVD-2009-4900

Malware in sbrugna...

ASP.NET jVideo Kit - query SQL Injection

ASP.NET jVideo Kit - query SQL Injection Exploit Title: ASP.NET jVideo Kit - 'query' SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: MediaSoft Pro Vendor Homepage: https://www.mediasoftpro.com/video-sharing-script/mvc/ Version: v1.0 Category: Webapps...

ASP.NET jVideo Kit - query SQL Injection Vulnerability

Exploit for asp platform in category web applications Exploit Title: ASP.NET jVideo Kit - 'query' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: MediaSoft Pro Vendor Homepage: https://www.mediasoftpro.com/video-sharing-script/mvc/ Version: v1.0 Category: Webapps Tested on: Kali...

ASP.NET jVideo Kit 1.0 SQL Injection

Exploit Title: ASP.NET jVideo Kit - 'query' SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor: MediaSoft Pro Vendor Homepage: https://www.mediasoftpro.com/video-sharing-script/mvc/ Version: v1.0 Category: Webapps Tested on: Kali linux Description : The...

ASP.NET jVideo Kit - 'query' SQL Injection

Exploit Title: ASP.NET jVideo Kit - 'query' SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: MediaSoft Pro Vendor Homepage: https://www.mediasoftpro.com/video-sharing-script/mvc/ Version: v1.0 Category: Webapps Tested on: Kali linux Description : The...

dahan jvideo /livingVideoInfos SQL注入漏洞

No description provided by source...

大汉jbook、jget、jvideo、source、jphoto和lm的通用越权漏洞

简要描述： jbook=订阅系统（好像是） source=数据源采集系统 jget=信息采集系统 jvideo=视频系统 jphoto=图片系统 lm=互动系统 大概就是这样。 详细说明： 某个同名文件虽然代码大同小异，但是都产生了同样的越权漏洞，可以重置这几个系统的安装目录相关配置信息。 漏洞证明： None 先用jphoto来做例子。 http://www.yzwh.gov.cn/jphoto/setup/ 这是jphoto的setup目录，先用exp提交数据： 提交成功后，提示配置文件修改完成，重启服务。 Exp里面是把密码设置为123456的...

CVE-2009-4938

The CVE-2009-4938 issue affects the JVideo! (com_jvideo) Joomla! component (versions 0.3.11c Beta and 0.3.x). The vulnerability is a SQL injection in the models/user.php context triggered via the user_id parameter in a user action to index.php, allowing remote attackers to execute arbitrary SQL c...

CVE-2009-4938

SQL injection vulnerability in the JVideo! comjvideo component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a user action to index.php...

CVE-2009-4938

SQL injection vulnerability in the JVideo! comjvideo component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a user action to index.php...

Sql injection

SQL injection vulnerability in the JVideo! comjvideo component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a user action to index.php...

JVideo! Component for Joomla! 'user_id' Parameter SQLi

The version of the JVideo! component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the models/user.php script due to improper sanitization of user-supplied input to the 'userid' parameter before using it to construct database queries in the getUsername...

Joomla Component JVideo 0.3.x SQL Injection Vulnerability

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Joomla Component comjvideo userid SQL-injection Vulnerability ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Author : Chip D3 Bi0s + Greetz : d4n!ux +...

Joomla JVideo 0.3.x SQL Injection

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Joomla Component comjvideo userid SQL-injection Vulnerability ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Author : Chip D3 Bi0s + Greetz : d4n!ux + xjeshua + eCORE + Painboy + rayok3nt ...

Joomla! Component JVideo 0.3.x - SQL Injection

Joomla! Component JVideo 0.3.x - SQL Injection ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Joomla Component comjvideo userid SQL-injection Vulnerability ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Author : Chip D3 Bi0s + Greetz :...