29 matches found
EUVD-2009-2215
Malware in sbrugna...
EUVD-2009-2214
Malware in sbrugna...
EUVD-2009-2092
Malware in sbrugna...
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X...
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
No description provided by source. Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE APPLICATION I...
phpCollegeExchange 0.1.5c Authentication Bypass
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X...
phpCollegeExchange 0.1.5c SQL Injection
PoC - phpCollegeExchange 0.1.5c SQL Injection - Salvatore Fresta aka Drosophila This code will print the columns number found by the injection. In order to view the content of the fields, you must exchange the number with the field name, adding a FROM tablename at the end of the injection query...
phpCollegeExchange 0.1.5c - Multiple SQL Injections
phpCollegeExchange 0.1.5c - Multiple SQL Injections phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact...
phpCollegeExchange 0.1.5c - Multiple SQL Injections
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X...
CVE-2009-2219
Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...
CVE-2009-2218
Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchange 0.1.5c, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the home parameter to 1 ihead.php, 2 inav.php, 3 usernew2.php, or 4 house/myrents.php; or 5 allbooks.php, 6 home.php,...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchange 0.1.5c, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the home parameter to 1 ihead.php, 2 inav.php, 3 usernew2.php, or 4 house/myrents.php; or 5 allbooks.php, 6 home.php,...
CVE-2009-2218
Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchange 0.1.5c, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the home parameter to 1 ihead.php, 2 inav.php, 3 usernew2.php, or 4 house/myrents.php; or 5 allbooks.php, 6 home.php,...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...
CVE-2009-2219
Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...
CVE-2009-2219
CVE-2009-2219 : The connected records show concrete details. Multiple XSS vulnerabilities affect phpCollegeExchange 0.1.5c. Attackers can inject arbitrary web script or HTML through input vectors in the PHP files under the books/ directory: (1) _SESSION[handle] in home.php, books/allbooks.php, an...
CVE-2009-2218
Multiple PHP remote file inclusion vulnerabilities affect phpCollegeExchange 0.1.5c when register_globals is enabled. The flaws allow an attacker to trigger arbitrary PHP code execution by supplying a URL in the home parameter to several PHP scripts (i_head.php, i_nav.php, user_new_2.php, house/m...
phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities
No description provided by source. ┌┌─────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └─────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes a...
phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities
Exploit for unknown platform in category web applications ================================================================ phpCollegeExchange 0.1.5c RFI/LFI/XSS Multiple Vulnerabilities ================================================================...
phpCollegeExchange 0.1.5c - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
???????????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ???????????????????????????????????????????????????????????????????????????????????? ????? From The Ashes and Dust Rises An Unimaginable...