EUVD-2005-4058

Malware in sbrugna...

NetAuctionHelp 4.1 Search.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26540/info NetAuctionHelp is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...

NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15737/info NetAuctionHelp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

nah-sql.txt

Aria-Security Net Original Advisory @ http://aria-security.net/forum/showthread.php?p=1099 ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION...

NetAuctionHelp Classified Ads v1.0 SQL Injection

Aria-Security Team http://Aria-Security.Net ------------------------------------------ Original Advisory @ http://aria-security.net/forum/showthread.php?p=1111 Try it online @ http://ads.netauctionhelp.com needed tables: tblMember.id tblMember.login tblMember.pswd Vulnarable Page: Login.asp Run...

NetAuctionHelp 4.1 (nsearch) Remote SQL Injection Vulnerability

No description provided by source. Aria-Security Net http://Aria-Security.Net ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp ?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='having 1=1--...

NetAuctionHelp 4.1 - nsearch SQL Injection

NetAuctionHelp 4.1 - nsearch SQL Injection Aria-Security Net http://Aria-Security.Net ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp ?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='havin...

NetAuctionHelp 4.1 - Search.ASP SQL Injection Vulnerability

NetAuctionHelp 4.1 Search.ASP SQL Injection Vulnerability. Webapps exploit for asp platform source: http://www.securityfocus.com/bid/26540/info NetAuctionHelp is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...

NetAuctionHelp 4.1 (nsearch) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =============================================================== NetAuctionHelp 4.1 nsearch Remote SQL Injection Vulnerability =============================================================== ------------------------ Vendor:...

Aria-Security.net: NetAuctionHelp SQL Injection

Aria-Security Net Original Advisory @ http://aria-security.net/forum/showthread.php?p=1099 ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION...

NetAuctionHelp 4.1 - 'nsearch' SQL Injection

Aria-Security Net http://Aria-Security.Net ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp ?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='having 1=1--...

CVE-2005-4063

Multiple cross-site scripting XSS vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 L, 2 sort, 3 category, 4 categoryname parameters to search.asp...

CVE-2005-4063

Multiple cross-site scripting XSS vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 L, 2 sort, 3 category, 4 categoryname parameters to search.asp...

CVE-2005-4063

CVE-2005-4063 describes multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp 3.0 and earlier . An attacker can inject arbitrary HTML/JavaScript via the parameters L, sort, category, and categoryname in the search.asp endpoint. The NVD entry lists a Medium severity (CVSS v2.0 base...

NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities

NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15737/info NetAuctionHelp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

NetAuctionHelp v3.0 XSS Vuln

NetAuctionHelp v3.0 XSS Vuln Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/netauctionhelp-v30-xss-vuln.html vendor:http://www.netauctionhelp.com/ affected version:v3.0 and prior Product Description: NetAuctionHelp provides auction site source code...

NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15737/info NetAuctionHelp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...