EUVD-2008-3668

Malware in sbrugna...

PHP Realty 'dpage.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

YPNinc PHP Realty Script (docID) SQL Injection Vulnerability

No description provided by source. / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

YPNinc PHP Realty Script SQL Injection

/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID ----------------------------------------------------------------------- YPNinc...

YPNinc PHP Realty Script (docID) SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================ YPNinc PHP Realty Script docID SQL Injection Vulnerability ============================================================ Author : v3n0m Site : http://yogyacarderlink.web.id/ Date :...

PHP Realty (dpage.php) Remote SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================= PHP Realty dpage.php Remote SQL Injection Vulnerability ========================================================= Author: HaiHui Published: 29.06.2010 Description: PHP Realty is a turnk...

YPNinc PHP Realty Script - docID SQL Injection

YPNinc PHP Realty Script - docID SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

YPNinc PHP Realty Script - 'docID' SQL Injection

/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID ----------------------------------------------------------------------- YPNinc...

Sql injection

SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter...

CVE-2008-3682

SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter...

CVE-2008-3682

CVE-2008-3682 describes an SQL injection vulnerability in dpage.php of YPN PHP Realty. The underlying issue is unsafely handling the docID parameter, enabling remote attackers to execute arbitrary SQL commands. Documents consistently state: an injection via docID could impact the application, wit...

CVE-2008-3682

SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter...

PHP Realty 'dpage.php' SQL注入漏洞

BUGTRAQ ID: 30678 CNCAN ID：CNCAN-2008081407 PHP Realty是一款基于PHP的WEB应用程序。 PHP Realty不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。 问题由于'dpage.php'脚本对用户提交给'docid'参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 YPN PHP Realty 目前没有解决方案提供： http://ypninc.com/php-realty-fsbo-portal-script/prod76.html...

PHP Realty - 'dpage.php' SQL Injection

source: https://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

PHP Realty - dpage.php SQL Injection

PHP Realty - dpage.php SQL Injection source: https://www.securityfocus.com/bid/30678/info PHP Realty is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

phprealty-sql.txt

┌┌─────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └─────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...