854 matches found
CVE-2006-7171
productreview.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x parameter...
CVE-2006-7170
Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) productreview.php; or the (6) orderNo parameter to (b) order-track.php...
CVE-2006-7171
CVE-2006-7171 affects Koan Software Mega Mall. The vulnerability occurs in product_review.php, where remote attackers can cause disclosure of the installation path by sending a request with an empty value for the x[] parameter. The provided documents do not specify affected versions, root cause d...
CVE-2006-7170
CVE-2006-7170 describes multiple SQL injection vulnerabilities in Koan Software Mega Mall. The affected components are the PHP scripts (a) product_review.php via parameters t, productId, sk, x, or so, and (b) order-track.php via parameter orderNo. The root cause is unsafely concatenated SQL in th...
Mega Mall - order-track.php?orderNo SQL Injection
source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
megamallSQL.txt
vendor site: http://products.kaonsoftwares.com/ product: mega-mall bug:injection sql & full path disclosure language: asp risk: high injection sql get: http://site.com/mega-mall/productreview.php?t=sql http://site.com/mega-mall/productreview.php?t=0&productId=sql...
Mega Mall [ multiples injection sql & full path disclosure ]
vendor site: http://products.kaonsoftwares.com/ product: mega-mall bug:injection sql & full path disclosure language: asp risk: high injection sql get: http://site.com/mega-mall/productreview.php?t=sql http://site.com/mega-mall/productreview.php?t=0&productId=sql...
Mega Mall - 'order-track.php?orderNo' SQL Injection
source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
Mega Mall - 'product_review.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
HP-UX PHNE_33790 : s700_800 11.00 r-commands cumulative mega-patch
s700_800 11.00 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. HPSBUX02072...
CVE-2004-2743
upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files...
[SA12993] Mega Upload Unspecified "File List" Vulnerability
TITLE: Mega Upload Unspecified "File List" Vulnerability SECUNIA ADVISORY ID: SA12993 VERIFY ADVISORY: http://secunia.com/advisories/12993/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Mega Upload 1.x http://secunia.com/product/4156/ DESCRIPTION: A vulnerability with...