21 matches found
EUVD-2005-2469
Malware in sbrugna...
EUVD-2005-2468
Malware in sbrugna...
MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; use strict; print \n; print MySQL Eventum = v1.5.5 SQL Injection PoC \n; print James Bercegay // gulftech.org // 7-28-05 \n; print \n; my $host = 'localhost'; my $path = '/eventum/login.php'; my $user = '2'; my $port = 80; my...
MySQL AB Eventum 1.x list.php release Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...
MySQL AB Eventum 1.x view.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...
MySQL Eventum Detection
The remote host is running MySQL Eventum, an open source web-based issue tracking system written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid52053; scriptversion"1.6"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
MySQL Eventum forgot_password.php XSS
The version of the MySQL Eventum installed on the remote host is affected by a cross-site scripting vulnerability because the 'forgotpassword.php' script does not properly sanitize user input before returning it as part of the HTML response. Note, several other cross-site scripting vulnerabilitie...
Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
Oracle MySQL Eventum is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MySQL Eventum Multiple flaws
The remote host seems to be running MySQL Eventum, a user-friendly and flexible issue tracking system written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks, through multiple scripts. With a specially crafted URL, an attacker can use the remote server to...
mysqlEventum.txt
GulfTech Security Research July 31st, 2005 Vendor : MySQL AB URL : http://dev.mysql.com/downloads/other/eventum/ Version : MySQL AB Eventum = 1.5.5 Risk : Multiple Vulnerabilities Description: Eventum is a user-friendly and flexible issue tracking system that can be used by a support department t...
eventum.pl.txt
!/usr/bin/perl -w use IO::Socket; use strict; print "\n"; print " MySQL Eventum new PeerAddr = $host, PeerPort = $port, Proto = 'tcp' || die "! Unable to connect to $host\n"; my $post =...
MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; use strict; print "\n"; print " MySQL Eventum = v1.5.5 SQL Injection PoC \n"; print " James Bercegay // gulftech.org // 7-28-05 \n"; print "\n"; my $host = 'localhost'; my $path = '/eventum/login.php'; my $user = '2'; my $port =...
MySQL Eventum 1.5.5 - login.php SQL Injection
MySQL Eventum 1.5.5 - login.php SQL Injection !/usr/bin/perl -w use IO::Socket; use strict; print "\n"; print " MySQL Eventum new PeerAddr = $host, PeerPort = $port, Proto = 'tcp' || die "! Unable to connect to $host\n"; my $post =...
MySQL Eventum 1.5.5 - 'login.php' SQL Injection
!/usr/bin/perl -w use IO::Socket; use strict; print "\n"; print " MySQL Eventum new PeerAddr = $host, PeerPort = $port, Proto = 'tcp' || die "! Unable to connect to $host\n"; my $post =...
MySQL AB Eventum 1.x - view.php?id Cross-Site Scripting
MySQL AB Eventum 1.x - view.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
MySQL AB Eventum 1.x - list.php?release Cross-Site Scripting
MySQL AB Eventum 1.x - list.php?release Cross-Site Scripting source: https://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
MySQL AB Eventum 1.x - get_jsrs_data.php?F Cross-Site Scripting
MySQL AB Eventum 1.x - getjsrsdata.php?F Cross-Site Scripting source: https://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker ma...
MySQL AB Eventum 1.x - 'view.php?id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...
[SA16255] MySQL Eventum PEAR XML_RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
MySQL Eventum index.php email Parameter XSS
The MySQL Eventum install hosted on the remote web server is vulnerable to a cross-site scripting attack because it fails to sanitize user-supplied input to the 'email' parameter of the 'index.php' script before using it to generate dynamic HTML output. With a specially crafted URL, an attacker c...