26 matches found
EUVD-2006-0177
Malware in sbrugna...
EUVD-2006-0176
Malware in sbrugna...
EUVD-2006-0175
Malware in sbrugna...
MyPHPim calendar.php3 cal_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16210/info MyPhPim is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...
MyPHPim Login Page pass Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16210/info MyPhPim is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...
MyPhPim calendar.php3 cal_id Parameter SQL Injection - Ver2 (CVE-2006-0167)
An SQL injection vulnerability has been reported in MyPhPim. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
MyPhPim calendar.php3 cal_id Parameter SQL Injection - Ver2 (CVE-2006-0167)
An SQL injection vulnerability has been reported in MyPhPim. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
EV0022.txt
New eVuln Advisory: MyPhPim Multiple SQL Injection and XSS Vulnerabilities --------------------Summary---------------- Software: MyPhPim Sowtware's Web Site: http://sourceforge.net/projects/myphpim/ Versions: 01.05 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status:...
[eVuln] MyPhPim Multiple SQL Injection and XSS Vulnerabilities
New eVuln Advisory: MyPhPim Multiple SQL Injection and XSS Vulnerabilities --------------------Summary---------------- Software: MyPhPim Sowtware's Web Site: http://sourceforge.net/projects/myphpim/ Versions: 01.05 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status:...
[eVuln] MyPhPim Arbitrary File Upload
New eVuln Advisory: MyPhPim Arbitrary File Upload --------------------Summary---------------- Software: MyPhPim Sowtware's Web Site: http://sourceforge.net/projects/myphpim/ Versions: 01.05 Critical Level: Moderate Type: File Upload Class: Remote Status: Unpatched Exploit: Available Solution: Not...
CVE-2006-0167
SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the 1 calid parameter in calendar.php3 and the 2 password field on the login page...
Cross site scripting
Cross-site scripting XSS vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page...
CVE-2006-0168
Cross-site scripting XSS vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page...
CVE-2006-0169
addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory...
Sql injection
SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the 1 calid parameter in calendar.php3 and the 2 password field on the login page...
CVE-2006-0168
CVE-2006-0168 affects MyPhPim 01.05 with a Cross-site Scripting (XSS) vulnerability in the description field on the "Create New todo" page. The issue allows remote attackers to inject arbitrary web script or HTML. The available connected documents confirm the affected product/version and the vuln...
CVE-2006-0169
The vulnerability CVE-2006-0169 affects MyPhPim 01.05 (addresses.php3) where uploaded files are not restricted. This allows remote attackers to execute arbitrary PHP code via the pdbfile parameter and then directly access those files from the uploads directory, due to improper validation of uploa...
CVE-2006-0169
addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory...
CVE-2006-0167
CVE-2006-0167 : The vulnerability affects MyPhPim 01.05 and is a SQL injection in calendar.php3 (cal_id parameter) and the login page (password field). Exploitation could allow remote attackers to execute arbitrary SQL commands. No remediation details are provided in the supplied documents. In-wi...
CVE-2006-0167
SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the 1 calid parameter in calendar.php3 and the 2 password field on the login page...