20 matches found
EUVD-2005-0898
Malware in sbrugna...
EUVD-2006-6017
Malware in sbrugna...
EUVD-2005-0899
Malware in sbrugna...
MagicScripts E-Store Kit-2 PayPal Edition Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12909/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. Thi...
E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability
No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability E-Store Kit-1 viewdetails.php pid E-Store Kit-2 viewdetails.php pid E-Store Kit-1 Pro PayPal Edition viewdetails.php pid E-Store Kit-2 PayPal Edition viewdetails.php pid www.magicscripts.com AuTh0r : Mr.SQ...
E-Store Kit-1 2 PayPal Edition - pid SQL Injection
E-Store Kit-1 2 PayPal Edition - pid SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability E-Store Kit-1 viewdetails.php pid E-Store Kit-2 viewdetails.php pid E-Store Kit-1 Pro PayPal Edition viewdetails.php pid E-Store Kit-2 PayPal Edition viewdetails.php pid www.magicscripts.co...
E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== E-Store Kit- = 2 PayPal Edition pid SQL Injection Vulnerability ================================================================== Remote SQL Injection Vulnerability E-Stor...
E-Store Kit-1 < 2 PayPal Edition - 'pid' SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability E-Store Kit-1 viewdetails.php pid E-Store Kit-2 viewdetails.php pid E-Store Kit-1 Pro PayPal Edition viewdetails.php pid E-Store Kit-2 PayPal Edition viewdetails.php pid www.magicscripts.com AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM &...
CVE-2006-6034
Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote attackers to execute arbitrary SQL commands via the 1 keyword or 2 cid parameter in a catalogue.asp, or the 3 pid parameter in b viewDetail.asp...
CVE-2006-6034
Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote attackers to execute arbitrary SQL commands via the 1 keyword or 2 cid parameter in a catalogue.asp, or the 3 pid parameter in b viewDetail.asp...
CVE-2006-6034
CVE-2006-6034 involves multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition. The affected functionality allows remote attackers to inject SQL via parameters in catalogue.asp (keyword, cid) and in viewDetail.asp (pid). The provided sources describe arbitrary SQL ex...
ecomkit1.txt
vendor site:http://www.sitesoutlet.com/ product:E-commerce Kit 1 PayPal Edition bug:injection sql risk:medium injection sql : http://site.com/PATH/catalogue.asp?keyword='sql http://site.com/PATH/catalogue.asp?cid='sql http://site.com/PATH//viewDetail.asp?pid='sql laurent gaffié & benjamin mossé...
CVE-2005-0897
PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code...
CVE-2005-0898
CVE-2005-0898 describes a cross-site scripting (XSS) vulnerability in the PHP file downloadform.php of the E-Store Kit-2 PayPal Edition. The flaw allows remote attackers to inject arbitrary web script or HTML by supplying a crafted txn_id parameter, potentially impacting users who view the affect...
CVE-2005-0897
CVE-2005-0897 describes a PHP remote file inclusion vulnerability in the catalog.php file of the E-Store Kit-2 PayPal Edition. The issue arises from allowing the menu and main parameters to reference a URL on a remote server, enabling an attacker to cause the application to include and execute ar...
CVE-2005-0897
PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code...
File inclusion and XSS vulnerability in E-Store Kit-2 PayPal Edition
Dcrab 's Security Advisory http://icis.digitalparadox.org/dcrab http://www.hackerscenter.com/ Severity: High Title: File inclusion and XSS vulnerability in E-Store Kit-2 PayPal Edition Date: March 26, 2005 Summary: There are file include and xss vulnerabilities in E-Store Kit-2 PayPal Edition...
MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion
source: https://www.securityfocus.com/bid/12910/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a remote file include vulnerability. Remote attackers could potentially exploit this issue to include a remote malicious PHP script. If the attacker is able to execute the remote script it...
MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting
MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting source: https://www.securityfocus.com/bid/12909/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the brows...
MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion
MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion source: https://www.securityfocus.com/bid/12910/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a remote file include vulnerability. Remote attackers could potentially exploit this issue to include a remote malicious PHP...