16 matches found
EUVD-2006-6193
Malware in sbrugna...
EUVD-2006-2986
Malware in sbrugna...
ASP ListPics 5.0 Listpics.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21279/info ASP ListPics is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
CVE-2006-6350
Listpics 5 stores sensitive data under the web root due to insufficient access control, enabling remote attackers to download listpics.mdb via a direct request. Affected product: Listpics 5. Root cause: web-accessible database file (listpics.mdb) exposed without proper permissions. Impact: comple...
CVE-2006-6350
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb...
listpics v5
Title: listpics v5 Author: BLaSTER Contact: [email protected] Script: http://www.aspindir.com/indir.asp?id=2866 //Database Hacked.. http://target/path/Database/.mdb Example: http://victim.com/KhaledMuratList/Database/listpics.mdb // Greetz : BLaCKWHITE, Satanist-imam, EaGLe, FreeZe, LGMAN and...
CVE-2006-6210
SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2006-6210
The vulnerability CVE-2006-6210 affects ASP ListPics 5.0. Affected component: listpics.asp. Root cause: SQL injection via the ID parameter, allowing remote attackers to execute arbitrary SQL commands. Impact described as arbitrary SQL execution; no exploitation details or mitigations provided in ...
aria-asplistpics.txt
Aria-Security Team Advisory Original Advisory : http://www.aria-security.com/forum/showthread.php?t=41 ----------------------------------------------------------- Software: ASP ListPics 5.0 Method: SQL Injection PoC: http://target/path/listpics.asp?a=show&ID=SQL INJECTION Contact:...
ASP ListPics Listpics.ASP SQL注入漏洞
ASP ListPics是一款基于ASP的WEB应用程序。 ASP ListPics不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Listpics.ASP'脚本对用户提交的'ID'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 ASP ListPics ASP ListPics 5.0 暂无 http://www.example.com/path/listpics.asp?a=show&ID=SQL INJECTION...
[Aria-Security Team] ASP ListPics 5.0 SQL Injection
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://www.aria-security.com/forum/showthread.php?t=41 ----------------------------------------------------------- Software: ASP ListPics 5.0 Method: SQL Injection PoC:...
ASP ListPics 5.0 - Listpics.asp SQL Injection
ASP ListPics 5.0 - Listpics.asp SQL Injection source: https://www.securityfocus.com/bid/21279/info ASP ListPics is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
ASP ListPics 5.0 - 'Listpics.asp' SQL Injection
source: https://www.securityfocus.com/bid/21279/info ASP ListPics is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
CVE-2006-2989
Cross-site scripting XSS vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter...
CVE-2006-2989
Cross-site scripting XSS vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter...
CVE-2006-2989
ASP ListPics 4.3 and earlier contains a Cross-site scripting (XSS) flaw in listpics.asp that can be exploited by supplying an info parameter value. The vulnerability allows remote attackers to inject arbitrary web script or HTML. Affected component: listpics.asp in ASP ListPics 4.3 and earlier. R...