40 matches found
EUVD-2012-2904
Malware in sbrugna...
EUVD-2013-3893
Malware in sbrugna...
EUVD-2012-1987
Malware in sbrugna...
EUVD-2008-3021
Malware in sbrugna...
Simple PHP Agenda Request Forgery Vulnerability
Simple PHP Agenda is a PHP, MYSQL based meeting schedule management tool. A request forgery vulnerability exists in Simple PHP Agenda auth/process.php, which allows remote attackers to construct malicious URIs, trick users into parsing them, and perform malicious actions in the context of the...
CVE-2012-1978
Multiple cross-site request forgery CSRF vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator via a request to auth/process.php, 2 delete an administrator via a request to...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator via a request to auth/process.php, 2 delete an administrator via a request to...
CVE-2012-1978
Multiple cross-site request forgery CSRF vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator via a request to auth/process.php, 2 delete an administrator via a request to...
PHP-Agenda <= 2.2.5 - Remote File Overwriting Vulnerabilities
No description provided by source. Salvatore drosophila Fresta + Application: PHP-agenda + Version: = 2.2.5 + Website: http://php-agenda.sourceforge.net + Bugs: A Remote File Overwriting + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore drosophila Fresta + Author: Salvatore...
Simple PHP Agenda 2.2.8 (edit_event.php, eventid param) - SQL Injection
No description provided by source...
PHP Agenda 2.2.8 - SQL Injection Vulnerability
No description provided by source. Title:Simple PHP Agenda 2.2.8 SQLi Vulnerability Version: php-agenda 2.2.8 Author/Found by: loneferret Manifacturer/Software link: http://sourceforge.net/projects/php-agenda/files/latest/download Other vulnerability: http://www.exploit-db.com/exploits/18694/ Dat...
CVE-2013-3961
SQL injection vulnerability in editevent.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter...
Sql injection
SQL injection vulnerability in editevent.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter...
CVE-2013-3961
CVE-2013-3961 affects Simple PHP Agenda up to version 2.2.8, where an authenticated user can exploit an SQL injection in edit_event.php via the eventid parameter. The root cause is inadequate input sanitization (relying on mysql_real_escape_string) allowing arbitrary SQL execution and potential d...
CVE-2013-3961
SQL injection vulnerability in editevent.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter...
Simple PHP Agenda 2.2.8 - edit_event.php?eventid SQL Injection
Simple PHP Agenda 2.2.8 - editevent.php?eventid SQL Injection ============================================= WEBERA ALERT ADVISORY 02 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request – 05/06/2013 - CVE Assign – 06/06/2013 - CVE Number – CVE-2013-3961 - Vendor notification –...
Simple PHP Agenda 2.2.8 - 'edit_event.php?eventid' SQL Injection
============================================= WEBERA ALERT ADVISORY 02 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request – 05/06/2013 - CVE Assign – 06/06/2013 - CVE Number – CVE-2013-3961 - Vendor notification – 06/06/2013 - Vendor reply – 10/06/2013 - Public disclosure –...
CVE-2012-2925
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action...
Sql injection
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action...
CVE-2012-2925
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action...