57 matches found
EUVD-1999-1241
Malware in sbrugna...
EUVD-2008-0159
Malware in sbrugna...
EUVD-1999-0276
Malware in sbrugna...
EUVD-2000-0012
Malware in sbrugna...
CVE-1999-0276
mSQL v2.0.1 and below allows remote execution through a buffer overflow...
CVE-1999-0753
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories...
SUSE CVE-2007-4255
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msqlconnect function...
CVE-2007-4255
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msqlconnect function...
Hughes Technologies Mini SQL (mSQL) 2.0.11 w3-msql Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/898/info w3-msql is a cgi-program shipped with Mini-SQL which acts as a web interface for msql. There are a number of buffer overflow vulnerabilities in it with one proven to be exploitable. The exploitable buffer is the...
miniSQL (mSQL) 1.3 - Remote GID Root Exploit
No description provided by source. / /.------ /.------..---- / / \ /\ . // / . /\ / | / .\ . \ / / / \ | / | | slc | - -------||--.---.//-| //-.|----.|| / \ / / mSQL remote gid root exploit by lucipher & The Itch netric...
W3-mSQL Error Page Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27116/info W3-mSQL is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
IBM DB2, IBM Informix, ЛИНТЕР [Редковстречающиеся СУБД]
Intro- Буду краток: рассмотрим здесь особенности СУБД, которые попадаются на глаза довольно редко. Я расскажу о 3х из них: IBM DB2, IBM Informix и ЛИНТЕР. Также в приложении можно обнаружить эксплоиты к ним и подобранную информацию о таких субд как Apache CouchDB, Berkeley DB, CUBRID, H2,...
PHP-Nuke Search模块SQL注入漏洞
BUGTRAQ ID: 45165 PHP-Nuke是一个广为流行的网站创建和管理工具,可使用很多数据库软件作为后端,如MySQL、PostgreSQL、mSQL、Interbase、Sybase等。 PHP-Nuke的Search模块在实现上存在SQL注入漏洞,攻击者可利用此漏洞控制应用程序,访问或修改数据,利用后台数据库中的潜在漏洞。 此漏洞源于在SQL查询中使用用户提供的数据之前未进行有效过滤。 PHP-Nuke 7.0 - 8.1.0.3.5b 厂商补丁: PHP-Nuke --------...
CVE-2008-0146
Cross-site scripting XSS vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the top-level URI...
Cross site scripting
Cross-site scripting XSS vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the top-level URI...
CVE-2008-0146
Cross-site scripting XSS vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the top-level URI...
CVE-2008-0146
CVE-2008-0146 is an XSS in the error page of W3-mSQL. The vulnerability allows remote attackers to inject arbitrary web script or HTML via PATH_INFO to the top-level URI. Affected component is the error handling of W3-mSQL; root cause details and exact vulnerable versions are not explicitly provi...
w3msql-xss.txt
A reflected xss flaw exists in the w3-msql error page. google dork : "W3-mSQL Error! - Can't stat script file /" Just insert a script from the start of / like if u get a URL like:- http://localhost/cgi-bin/w3-msql/journal/ijcd/index.html and the error page output as :- W3-mSQL Error! - Can't stat...
xss in w3-msql error page
A reflected xss flaw exists in the w3-msql error page. google dork : "W3-mSQL Error! - Can't stat script file /" Just insert a script from the start of / like if u get a URL like:- http://localhost/cgi-bin/w3-msql/journal/ijcd/index.html and the error page output as :- W3-mSQL Error! - Can't stat...
W3-mSQL - Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/27116/info W3-mSQL is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...