46 matches found
Default credentials
Oi! Email Marketing System 3.0 aka Oi! 3 stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password...
CVE-2006-0919
SQL injection vulnerability in index.php aka the login page in Oi! Email Marketing System 3.0 aka Oi! 3 allows remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...
CVE-2006-0919
CVE-2006-0919 describes an SQL injection in Oi! Email Marketing System 3.0 (Oi! 3) login flow (index.php) that allows remote attackers to execute arbitrary SQL commands through the Username and Password fields. The vulnerability arises in the login page handling of user input, enabling partial/co...
CVE-2006-0920
Oi! Email Marketing System 3.0 (Oi! 3) stores the server FTP password in cleartext on a Configuration web page, enabling local superadministrators or anyone with web-page access to view the password. This vulnerability exposes confidential credentials and arises from cleartext password storage on...
HYSA-2006-003.txt
------------------------------------------------------ HYSA-2006-003 h4cky0u.org Advisory 012 ------------------------------------------------------ Date - Thu Feb 24 2006 TITLE: ====== Oi! Email Marketing 3.0 SQL Injection SEVERITY: ========= High SOFTWARE: ========= Oi! Email Marketing 3.0. Pri...
HYSA-2006-003 Oi! Email Marketing 3.0 SQL Injection
------------------------------------------------------ HYSA-2006-003 h4cky0u.org Advisory 012 ------------------------------------------------------ Date - Thu Feb 24 2006 TITLE: ====== Oi! Email Marketing 3.0 SQL Injection SEVERITY: ========= High SOFTWARE: ========= Oi! Email Marketing 3.0. Pri...