4 matches found
Sql injection
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. NOTE: some of these details are...
Sql injection
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information...
CVE-2008-5654
Summary (CVE-2008-5654): SQL injection vulnerability in the loginADP function of ajaxp.php in MyioSoft EasyCalendar 4.0 (and earlier per related CVE-2008-1344) allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, reachable through the username parameter. This is a d...
AjaxPortal LoginADP函数SQL注入漏洞
BUGTRAQ ID: 18897 AjaxPortal是基于Sajax技术的建站解决方案。 AjaxPortal的的LoginADP函数实现上存在SQL注入漏洞,远程攻击者可能利用此漏洞在服务器上执行任意代码。 仅在禁用了PHP魔术引号的情况下才能利用这个漏洞。 MyioSoft AjaxPortal 3.0 MyioSoft -------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://myiosoft.com/...