Lucene search
K

90 matches found

Cvelist
Cvelist
added 2006/03/30 12:0 a.m.20 views

CVE-2006-1501

SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action...

8.4AI score0.01222EPSS
Exploits1References6
securityvulns
securityvulns
added 2006/03/29 12:0 a.m.34 views

[SA19446] OneOrZero "id" SQL Injection Vulnerability

TITLE: OneOrZero "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA19446 VERIFY ADVISORY: http://secunia.com/advisories/19446/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: OneOrZero Helpdesk 1.x http://secunia.com/product/1568/ DESCRIPTION: Preddy...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2006/03/28 12:0 a.m.13 views

OneOrZero 1.6.3 Helpdesk - index.php SQL Injection

OneOrZero 1.6.3 Helpdesk - index.php SQL Injection source: https://www.securityfocus.com/bid/17298/info OneOrZero Helpdesk is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/28 12:0 a.m.18 views

OneOrZero 1.6.3 Helpdesk - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/17298/info OneOrZero Helpdesk is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/05/21 12:0 a.m.32 views

OneOrZero Helpdesk tupdate.php sg Parameter SQL Injection

The remote host is running OneOrZero, an online helpdesk. There are multiple flaws in this software that could allow an attacker to insert arbitrary SQL commands in the remote database, or even to gain administrative privileges on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Re...

5CVSS6.1AI score0.02531EPSS
Exploits1References1
securityvulns
securityvulns
added 2003/05/16 12:0 a.m.29 views

OneOrZero Security Problems (PHP)

Informations : °°°°°°°°°°°°°° Website : http://www.oneorzero.com Version : 1.4 rc4 Problems : - SQL Injection - Admin Access PHP Code/Location : °°°°°°°°°°°°°°°°°°° supporter/tupdate.php : -------------------------------------------------------------------------- if$groupid == 'change' $sql =...

Exploits0
exploitpack
exploitpack
added 2003/05/15 12:0 a.m.10 views

OneOrZero Helpdesk 1.4 - install.php Administrative Access

OneOrZero Helpdesk 1.4 - install.php Administrative Access source: https://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error i...

1.6AI score
Exploits0
exploitpack
exploitpack
added 2003/05/15 12:0 a.m.14 views

OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection

OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection source: https://www.securityfocus.com/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/15 12:0 a.m.21 views

OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access

source: https://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script. Reportedly a script does not...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/15 12:0 a.m.21 views

OneOrZero Helpdesk 1.4 - 'TUpdate.php' SQL Injection

source: https://www.securityfocus.com/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before including it in SQL queries. Successful exploitation...

7.4AI score
Exploits0
Rows per page
Query Builder