69 matches found
EUVD-2010-4468
Malware in sbrugna...
EUVD-2010-4327
Malware in sbrugna...
EUVD-2010-4332
Malware in sbrugna...
mrcgiguy freeticket (ch/sql) Multiple Vulnerabilities
No description provided by source. MRCGIGUY FreeTicket Multiple Remote Vulnerabilities Founder: ThE g0bL!N ------ Home: http:/www.4ckx.com/dz/ ---- Download: http://www.mrcgiguy.com/cgi-bin/freedown.cgi?id=1 Vendor:http://www.mrcgiguy.com Special Thx: Snakespc His0k4 Note: Algerie 3-1 Egypt...
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
CVE-2010-4500
CVE-2010-4500 affects the MCGIGUY FreeTicket 1.0.0 application. When magic_quotes_gpc is disabled, remote attackers can trigger SQL injection via the sendmess action by supplying arbitrary values for the fields: name, email, subject, and message. The vulnerability arises from unsanitized inputs b...
CVE-2010-4363
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 email parameters in a showtickets action...
CVE-2010-4358
Multiple cross-site scripting XSS vulnerabilities in gb.cgi in MRCGIGUY MCG Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, 3 website, and 4 message parameters...
Sql injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 email parameters in a showtickets action...
CVE-2010-4363
The CVE-2010-4363 entry concerns MRCGIGUY (MCG) FreeTicket 1.0.0. The vulnerability is a SQL injection in contact.php exposed via the showtickets action, exploitable through the id and email parameters when magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary SQL comman...
CVE-2010-4358
The CVE-2010-4358 entry concerns the MRCGIGUY (MCG) Guestbook 1.0, specifically the gb.cgi component. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the name, email, website, and message parameters...
CVE-2010-4363
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 email parameters in a showtickets action...
[eVuln.com] SQL injections in FreeTicket
Subject: eVuln.com SQL injections in FreeTicket New eVuln Advisory: SQL injections in FreeTicket Summary: http://evuln.com/vulns/146/summary.html Details: http://evuln.com/vulns/146/description.html -----------Summary----------- eVuln ID: EV0146 Software: FreeTicket Vendor: Mrcgiguy Version: 1.0....
FreeTicket 1.0.0 SQL Injection
Subject: eVuln.com SQL injections in FreeTicket New eVuln Advisory: SQL injections in FreeTicket Summary: http://evuln.com/vulns/146/summary.html Details: http://evuln.com/vulns/146/description.html -----------Summary----------- eVuln ID: EV0146 Software: FreeTicket Vendor: Mrcgiguy Version: 1.0....
[eVuln.com] Cookie Auth Bypass in Hot Links SQL
New eVuln Advisory: Cookie Auth Bypass in Hot Links SQL http://evuln.com/vulns/140/summary.html ----------------------- Summary ------------------------- eVuln ID: EV0140 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: high Type: Authentication Bypass Status: Unpatched. ...
[eVuln.com] email XSS in SimpLISTic
New eVuln Advisory: email XSS in SimpLISTic Summary: http://evuln.com/vulns/145/summary.html Details: http://evuln.com/vulns/145/description.html -----------Summary----------- eVuln ID: EV0145 Software: SimpLISTic Vendor: Mrcgiguy Version: 2.0 Critical Level: low Type: Cross Site Scripting Status...
[eVuln.com] sitename XSS in Hot Links Lite
New eVuln Advisory: sitename XSS in Hot Links Lite Summary: http://evuln.com/vulns/143/summary.html Details: http://evuln.com/vulns/143/description.html -----------Summary----------- eVuln ID: EV0143 Software: Hot Links Lite Vendor: Mrcgiguy Version: 1.0 Critical Level: low Type: Cross Site...
[eVuln.com] url XSS in Hot Links Lite
New eVuln Advisory: url XSS in Hot Links Lite http://evuln.com/vulns/142/summary.html -----------Summary----------- eVuln ID: EV0142 Software: Hot Links Lite Vendor: Mrcgiguy Version: 1.0 Critical Level: low Type: Cross Site Scripting Status: Unpatched. No reply from developers PoC: Available...
Hot Links SQL report.cgi SQL Injection
New eVuln Advisory: report.cgi SQL inj in Hot Links SQL http://evuln.com/vulns/141/summary.html -----------Summary----------- eVuln ID: EV0141 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developers PoC:...