34 matches found
CVE-2009-4597
Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1.2 allow 1 remote authenticated users to execute arbitrary SQL commands via the userid parameter in a users details action, and allow remote attackers to execute arbitrary SQL commands via the 2 user username and 3 pass passwor...
CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the supid parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in PHP Inventory 1.2 allows remote attackers to inject arbitrary web script or HTML via the supid parameter in a suppliers details action...
Sql injection
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the supid parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
CVE-2009-4597
The CVE-2009-4597 entry covers SQL injection flaws in PHP Inventory (notably versions around 1.2/1.3.x) in index.php. The vulnerabilities allow SQL commands to be injected through user_id in a user details action, and through user/password fields, enabling unauthorized data access via poorly sani...
CVE-2009-4595
Summary of CVE-2009-4595 : PHP Inventory vulnerable to SQL injection via index.php in version 1.2 (also affects related tracked versions). The issue stems from unsanitized input in the sup_id parameter used in the suppliers details action, allowing (authenticated) users to craft arbitrary SQL. Mu...
CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the supid parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
CVE-2009-4596
Cross-site scripting XSS vulnerability in index.php in PHP Inventory 1.2 allows remote attackers to inject arbitrary web script or HTML via the supid parameter in a suppliers details action...
CVE-2009-4597
Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1.2 allow 1 remote authenticated users to execute arbitrary SQL commands via the userid parameter in a users details action, and allow remote attackers to execute arbitrary SQL commands via the 2 user username and 3 pass passwor...
PHP Inventory 1.2 SQL Injection
PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerabiity Found By: mrme Download: http://www.phpwares.com/content/php-inventory Tested On: Windows Vista Note: For educational purposes only First of all lets login to admin with: http://server/php-inventory/index.php username: ' or 1=1--...
PHP Inventory v1.2 Remote (Auth Bypass) SQL Injection Vulnerabiity
No description provided by source. PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerabiity Found By: mrme Download: http://www.phpwares.com/content/php-inventory Tested On: Windows Vista Note: For educational purposes only First of all lets login to admin with:...
PHP Inventory v1.2 Remote (Auth Bypass) SQL Injection Vulnerabiity
Exploit for unknown platform in category web applications ================================================================== PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerabiity ================================================================== PHP Inventory v1.2 Remote Auth Bypass SQ...
PHP Inventory 1.2 - Authentication Bypass
PHP Inventory 1.2 - Authentication Bypass PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerabiity Found By: mrme Download: http://www.phpwares.com/content/php-inventory Tested On: Windows Vista Note: For educational purposes only First of all lets login to admin with:...
PHP Inventory 1.2 - Authentication Bypass
PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerabiity Found By: mrme Download: http://www.phpwares.com/content/php-inventory Tested On: Windows Vista Note: For educational purposes only First of all lets login to admin with: http://server/php-inventory/index.php username: ' or 1=1--...