13 matches found
EUVD-2007-4193
Malware in sbrugna...
LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
LANAI CMS 1.2.14 FAQ Module mid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
LANAI CMS 1.2.14 EZSHOPINGCART Module cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
lanai-rfi.txt
Lanai cmsv1.2.16 Content Management System Remote File Inclusion ----------------------------------------------------------------------------------------------------------| Download :http://downloads.sourceforge.net/la-nai/lanai-cmsv1.2.16.tar.gz?modtime=1188204187&bigmirror=0|...
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI la-nai CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via 1 the mid parameter in an faqviewgroup action in the FAQ Modules, 2 the cid parameter in the EZSHOPINGCART Modules, or 3 the gid parameter in a view action ...
Sql injection
Multiple SQL injection vulnerabilities in module.php in LANAI la-nai CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via 1 the mid parameter in an faqviewgroup action in the FAQ Modules, 2 the cid parameter in the EZSHOPINGCART Modules, or 3 the gid parameter in a view action ...
CVE-2007-4210
CVE-2007-4210 affects LANAI (la-nai) CMS 1.2.14. The issue consists of multiple SQL injection vulnerabilities in module.php, allowing remote attackers to execute arbitrary SQL commands via three parameters: (1) mid in the FAQ Modules (faqviewgroup action), (2) cid in EZSHOPPINGCART Modules, and (...
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI la-nai CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via 1 the mid parameter in an faqviewgroup action in the FAQ Modules, 2 the cid parameter in the EZSHOPINGCART Modules, or 3 the gid parameter in a view action ...
LANAI CMS SQL注入漏洞
BUGTRAQ ID: 25193 CNCAN ID:CNCAN-2007080604 LANAI CMS是一款基于PHP的WEB应用程序。 LANAI CMS不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是多个脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 RedLine Software LANAI CMS 1.2.14 http://la-nai.sourceforge.net/...
Lanius CMS 1.2.14 FAQ Module - mid SQL Injection
Lanius CMS 1.2.14 FAQ Module - mid SQL Injection source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' SQL Injection
source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
Lanius CMS 1.2.14 GALLERY Module - gid SQL Injection
Lanius CMS 1.2.14 GALLERY Module - gid SQL Injection source: https://www.securityfocus.com/bid/25193/info LANAI CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow ...