Andys PHP KnowledgeBase 0.95.4 - step5.php PHP Remote Code Execution
Source: https://www.securityfocus.com/bid/47918/info Andy's PHP Knowledgebase is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers...
CVE-2011-1546
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to (1) aviewusers.php or (2) keysearch.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (3) id...
Sql injection
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to (1) aviewusers.php or (2) keysearch.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (3) id...
'Andy's PHP Knowledgebase' SQL Injection Vulnerability (CVE-2011-1546)
'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION: A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...
Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability
Andy's PHP Knowledgebase is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities i...
Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability
Andy SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aphpkb:aphpkb"; if(description) { script_oid("1.3.6.1.4.1.25623.1.0.103135");...
Andy's PHP Knowledgebase 0.95.2 (viewusers.php) SQL Injection
Exploit for php platform in category web applications. I. DESCRIPTION: A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION: 0.95.2 III. PoC EXPLOIT...
Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection
'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION: A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...
Andys PHP KnowledgeBase 0.95.2 - viewusers.php SQL Injection
'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION: A vulnerability exists in aviewusers.php allowing for SQL injection of...
Andy's PHP Knowledgebase 0.95.2 SQL Injection
'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION: A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...
Andy's PHP Knowledgebase Project 0.95.4 SQL Injection
Software: Andy's PHP Knowledgebase Project 0.95.4; Vulnerability: SQL Injection; Threat Level: Critical 4/5; Download: http://www.aphpkb.org/; Discovery Date: 3/27/2011; Test...
Andys PHP KnowledgeBase 0.95.4 - SQL Injection
Software: Andy's PHP Knowledgebase Project 0.95.4; Vulnerability: SQL Injection; Threat Level: Critical 4/5...
Andy's PHP KnowledgeBase 0.95.4 - SQL Injection
Software: Andy's PHP Knowledgebase Project 0.95.4; Vulnerability: SQL Injection; Threat Level: Critical 4/5; Download: http://www.aphpkb.org/; Discovery Date: 3/27/2011; Test...
VMware Releases Security Patch for ESX
VMware has released a security patch for ESX to address a vulnerability. Exploitation of this vulnerability may allow a local user to gain additional privileges on the affected system. US-CERT encourages users and administrators to review VMware knowledgebase article 1029397 and apply any necessa...
security update
CentOS Errata and Security Advisory CESA-2010:0734 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2010-October/079194.html Affected packages: Upstream details at: https://access.redhat.com/errata/RHSA-2010:0734...
Kayako eSupport v3.70.02 SQL injection Vulnerability
Exploit for php platform in category web applications. Kayako eSupport v3.70.02 SQL injection Vulnerability...
KubeSupport SQL Injection Vulnerability
Exploit for php platform in category web applications. KubeSupport SQL Injection Vulnerability...
VU Case Manager Authentication Bypass
Exploit for asp platform in category web applications. VU Case Manager Authentication Bypass...
RHEL 4 / 5 : nss (RHSA-2010:0165)
Updated nss packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2010:0175 Updated httpd packages that fix one security issue, a bug, and add an enhancement are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...