45 matches found
Cedar Gate EZ-NET <= 6.8.0 - Cross-Site Scripting
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. id: CVE-2022-23397 info: name: Cedar Gate EZ-NET = 6.8.0 - Cross-Si...
CVE-2005-1804
Multiple SQL injection vulnerabilities in Net Portal Dynamic System NPDS 5.0 allow remote attackers to execute arbitrary SQL commands via the 1 terme parameter in the glossaire module glossaire.php or 2 query parameter to links.php...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
EUVD-2007-1629
Malware in sbrugna...
EUVD-2007-1628
Malware in sbrugna...
EUVD-2006-6809
Malware in sbrugna...
EUVD-2006-2948
Malware in sbrugna...
EUVD-2006-2947
Malware in sbrugna...
EUVD-2006-2949
Malware in sbrugna...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
PT-2022-15974 · Cedar Gate · Cedar Gate Ez-Net Portal
Name of the Vulnerable Software and Affected Versions: Cedar Gate EZ-NET portal versions 6.5.5 through 6.8.0 Description: The issue arises from a call to display messages to users that does not properly sanitize data sent through a URL parameter, leading to a Reflected Cross-Site Scripting...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
Net Portal Dynamic System <= 5.0 (register users) Denial of Service
No description provided by source. !/usr/bin/perl Type|+ Register multiple users for Denial of Service Vendor url|+ www.npds.org Little description|+ NPDS Net Portal Dynamic System is a Frenchand now English ! GNU dynamic portal Solution|+ None official but you can add a visual confirmation if yo...
Sql injection
Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...
Code injection
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php...
CVE-2007-1635
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php...
CVE-2007-1634
The CVE-2007-1634 entry relates to Net Portal Dynamic System (NPDS) versions up to 5.10, where grab_globals.php is vulnerable. Affected component/function: _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable via dynamic variable evaluation. Root cause: variable extracti...
Net Portal Dynamic System Print.PHP SQL注入漏洞
Net Portal Dynamic System是一款基于PHP的WEB应用程序。 Net Portal Dynamic System不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'Print.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 NPDS Net Portal Dynamic System 5.10 目前没有解决方案提供: http://www.npds.org/ !/usr/bin/php ?php / This file require the...
npds-exec.txt
!/usr/bin/php Options OPTIONS | -proxy If you wanna use a proxy | -proxyauth Basic authentification ";exit1; $url = getparam'url',1; $pro = getparam'proxy'; $pra = getparam'proyauth'; $xpl = new phpsploit; $xpl-agent'Mozilla Firefox'; if$pro $xpl-proxy$pro; if$pra $xpl-proxyauth$pra; +print.php S...
Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution
No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; Advisory soon if$argc 3 print" TITLE | Net Portal Dynamic System NPDS = 5.10 Remote Code Execution 0day AUTHOR | DarkFig / http://www.acid-root.new.fr / [email protected] NOTE | Works regardless of php settings...