Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution (2)

No description provided by source. ?php /---------------------------------------------------------\ NPDS = 5.10 - Remote Code Execution exploit |Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on...

Sql injection

Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a 1 nickname or 2 Id in a cookie, or 3 the X-Forwarded-For XFORWARDEDFOR HTTP header...

CVE-2007-2537

Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a 1 nickname or 2 Id in a cookie, or 3 the X-Forwarded-For XFORWARDEDFOR HTTP header...

exploit-NPDS-5.10.txt

?php /---------------------------------------------------------\ NPDS = 5.10 - Remote Code Execution exploit |Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on nicknames or Id which can allow an...

NPDS &lt;= 5.10 - Multiple SQL injections

|Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on nicknames or Id which can allow an attacker to modify a SQL request so as to obtain data. N°2: SQL Injection due to a bad use of "XFORWARDEDFOR" file...

Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution (2)

Exploit for unknown platform in category web applications ================================================================== Net Portal Dynamic System NPDS = 5.10 Remote Code Execution 2 ================================================================== ?php...

Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)

Net Portal Dynamic System NPDS 5.10 - Remote Code Execution 2 ?php /---------------------------------------------------------\ NPDS = 5.10 - Remote Code Execution exploit |Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No...

Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)

?php /---------------------------------------------------------\ NPDS = 5.10 - Remote Code Execution exploit |Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on nicknames or Id which can allow an...

CVE-2007-1634

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

CVE-2007-1634

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

NPDS &lt;= 5.10 Local Inclusion, XSS, Full path disclosure

// Script Web -------- www.npds.org versions --- NPDS = 5.10 Solutions -- None official Note ------- Vendor has been contacted // Local Inclusion http://.../header.php?DefaultTheme=../apache/logs/error.log00...