EUVD-2006-5130

Malware in sbrugna...

EUVD-2006-5129

Malware in sbrugna...

OlateDownload 3.4 details.php page Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful explo...

OlateDownload 3.4 search.php query Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful explo...

CVE-2006-5144

Cross-site scripting XSS vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the descriptionsmall parameter...

CVE-2006-5145

Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter in details.php or the 2 query parameter in search.php...

OlateDownload3.4.0.txt

::OlateDownload 3.4.0 Multiple Vulnerabilities :: ------------------------------------------------ Software : OlateDownload Website : www.olate.co.uk Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter...

CVE-2006-5144

Cross-site scripting XSS vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the descriptionsmall parameter...

CVE-2006-5145

CVE-2006-5145 affects OlateDownload 3.4.0. The vulnerability arises from input handling in two parameters: (1) details.php: page and (2) search.php: query, enabling remote attackers to execute arbitrary SQL commands (SQL injection). Impact is remote code or data access as described in the CVE; th...

CVE-2006-5145

Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter in details.php or the 2 query parameter in search.php...

CVE-2006-5144

CVE-2006-5144 is a reported XSS vulnerability in OlateDownload 3.4.0, specifically in userupload.php where arbitrary HTML/script can be injected via the description_small parameter. The vulnerability is described across multiple sources (NVD/NVD listing, CVE records) with CVSS 2.0 base score 6.8 ...

OlateDownload 3.4.0 Multiple Vulnerabilities

::OlateDownload 3.4.0 Multiple Vulnerabilities :: ------------------------------------------------ Software : OlateDownload Website : www.olate.co.uk Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter...

OlateDownload 3.4 - search.php?query SQL Injection

OlateDownload 3.4 - search.php?query SQL Injection source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...

OlateDownload 3.4 - details.php?page SQL Injection

OlateDownload 3.4 - details.php?page SQL Injection source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...

OlateDownload 3.4 - 'search.php?query' SQL Injection

source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could...

OlateDownload 3.4 - 'details.php?page' SQL Injection

source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could...