64 matches found
EUVD-2006-4487
Malware in sbrugna...
EUVD-2006-1853
Malware in sbrugna...
EUVD-2008-5039
Malware in sbrugna...
EUVD-2005-1056
Malware in sbrugna...
EUVD-2008-5038
Malware in sbrugna...
EUVD-2006-4027
Malware in sbrugna...
EUVD-2005-1057
Malware in sbrugna...
CVE-2006-4499
ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPTSSLVERIFYPEER and CURLOPTSSLVERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle MITM attack...
ModernBill 4.3 User.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17596/info ModernBill is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allo...
ModernGigabyte ModernBill 4.3 C_CODE Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13087/info ModernBill is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'ccode' parameter. This may facilitate the theft...
ModernGigabyte ModernBill 4.3 News.PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'news.php' script...
Modernbill <= 1.6 (config.php) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63791' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-09' createDate = '2015-12-24...
ModernBill <= 4.4.x XSS / Remote File Inclusion Vulnerability
No description provided by source. ModernBill .:. Client Billing System - User Login ModernBill = v4.4.X Remote File Inclusion Vulnerability and xss by nigh7f411 http://xc0r3.net/ plezz go to ttp://xc0r3.net/forums/ rfi...
ModernGigabyte ModernBill 4.3 Aid Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13089/info ModernBill is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'aid' parameter. This may facilitate the theft o...
Modernbill config.php DIR Parameter PHP Code Execution - Ver2 (CVE-2006-4034)
A code execution vulnerability has been reported in ModernGigabyte ModernBill. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Modernbill config.php DIR Parameter PHP Code Execution - Ver2 (CVE-2006-4034)
A code execution vulnerability has been reported in ModernGigabyte ModernBill. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2008-5059
Cross-site scripting XSS vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the newlanguage parameter in a login action...
CVE-2008-5060
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to 1 exportbatch.inc.php, 2 runautosuspend.cron.php, and 3 sendemailcache.php in include/scripts/; 4...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the newlanguage parameter in a login action...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to 1 exportbatch.inc.php, 2 runautosuspend.cron.php, and 3 sendemailcache.php in include/scripts/; 4...