EUVD-2006-1538

Malware in sbrugna...

Mallbuilder lostpass.php 文件 userid 参数SQL注入漏洞

0x01 漏洞概述 相关厂商： 上海远丰信息科技有限公司 官方主页： shop-builder.cn 提交时间： 2014-06-03 公开时间： 2014-09-01 漏洞类型： SQL注射漏洞 谷歌关键字： powered by mallbuilder 0x02 漏洞详情 首先来看看全局文件 function magic if!getmagicquotesgpc&&isset$POST foreach$POST as $key=$v if!isarray$v $POST$key=addslashes$v; else foreach$v as $skey=$sv if!isarray$...

ortox.ru XSS vulnerability

Vulnerable URL: http://ortox.ru/lostpass.php Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 17:34 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 308337 Google Pagerank| 5 VIP website status:| No Check ortox....

CVE-2011-5190

Multiple cross-site scripting XSS vulnerabilities in Social Book Facebook Clone 2010 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO parameter to 1 signup.php, 2 lostpass.php, 3 login.php, 4 index.php, 5 helptos.php, 6 helpcontact.php, or 7 help.php...

CVE-2006-1534

Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...

Sql injection

Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...