12 matches found
EUVD-2008-6939
Malware in sbrugna...
EUVD-2008-6940
Malware in sbrugna...
EUVD-2008-6938
Malware in sbrugna...
phpAdultSite CMS 'results_per_page' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31057/info phpAdultSite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of...
CVE-2008-6979
Cross-site scripting XSS vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to inject arbitrary web script or HTML via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue might...
CVE-2008-6980
SQL injection vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2008-6979
CVE-2008-6979 is an XSS in phpAdultSite CMS (as_archives.php) affecting index.php via the results_per_page parameter (possibly in version 2.3.2). The issue, potentially stemming from a separate SQL injection vulnerability, is documented across multiple sources. Affected component: as_archives.php...
CVE-2008-6980
SQL injection vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2008-6979
Cross-site scripting XSS vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to inject arbitrary web script or HTML via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue might...
CVE-2008-6980
The CVE-2008-6980 entry describes a SQL injection in as_archives.php of phpAdultSite CMS (likely version 2.3.2). The vulnerability enables remote attackers to manipulate the database via the results_per_page parameter to index.php. Per the NVD entry, the issue has a CVSS v2 base score of 7.5 (HIG...
phpadult-sqlxss.txt
Original article: http://www.davidsopas.com/2008/09/phpadult-cms-exploit/ phpAdultSite CMS is a PHP-based content management system for a adult pay site that fully supports MySQL. The code, layout, graphics of phpAdultSite are consistent through every single page of your site. It costs between $4...