EUVD-2006-0082

Malware in sbrugna...

EUVD-2009-1809

Malware in sbrugna...

Jevontech PHPenpals PersonalID SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16109/info Jevontech PHPenpals is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...

PHPenpals <= 1.1 (mail.php ID) Remote SQL Injection Exploit

No description provided by source. !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Phpenpals | -Version: = 1.1 | -Site: http://sourceforge.net/projects/phpenpals/ | -Download Script:...

PHPenpals profile.php personalID Parameter SQL Injection - Ver2 (CVE-2006-0074)

An SQL injection vulnerability has been reported in Jevontech Phpenpals. An attacker could exploit this vulnerability via the personalID parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2009-1814

SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074...

Sql injection

SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074...

CVE-2009-1814

SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074...

CVE-2009-1814

CVE-2009-1814 describes an SQL injection in mail.php of PHPenpals (v1.1 and earlier) allowing remote SQL command execution via the ID parameter. Consequences and patch details are not provided here beyond noting that the profile.php vector is covered by CVE-2006-0074; the connected records indica...

PHPenpals 1.1 - &#039;mail.php?ID&#039; SQL Injection

!usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Phpenpals | -Version: D | -Contact: [email protected] | | -Gretz: Osirys , xs86 , 6Bl4ck9f0x6 , str0ke | | -p0c: | -SQL INJECTION: | |...

PHPenpals 1.1 - mail.php?ID SQL Injection

PHPenpals 1.1 - mail.php?ID SQL Injection !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Phpenpals | -Version: D | -Contact: [email protected] | | -Gretz: Osirys , xs86 , 6Bl4ck9f0x6 , str0ke |...

PHPenpals &lt;= 1.1 (mail.php ID) Remote SQL Injection Exploit

No description provided by source. !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Phpenpals | -Version: = 1.1 | -Site: http://sourceforge.net/projects/phpenpals/ | -Download Script:...

PHPenpals <= 1.1 (mail.php ID) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== PHPenpals D | | -p0c: | -SQL INJECTION: | | -http://localhost/Scripts/phpenpals/mail.php?ID=-1+union+select+1,@@version-- | -Vuls: @array = 'profile.php?personalID=' ,...

Sql injection

SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected...

CVE-2006-0074

SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected...

CVE-2006-0074

SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected...

CVE-2006-0074

CVE-2006-0074 describes an SQL injection in PHPenpals’ profile.php via the personalID parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Connected sources indicate that the issue affects profile.php and note that 1.1 and earlier versions are affected; this vec...

EV0005.txt

New eVuln Advisory: PHPenpals SQL Injection Vulnerability --------------------Summary---------------- Vendor: Jevontec http://jevontech.com/ Software: PHPenpals Versions: 310704 Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched Exploit: Available Solution: Not Available...

[eVuln] PHPenpals SQL Injection Vulnerabilit

New eVuln Advisory: PHPenpals SQL Injection Vulnerability --------------------Summary---------------- Vendor: Jevontec http://jevontech.com/ Software: PHPenpals Versions: 310704 Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched Exploit: Available Solution: Not Available...

[SA18269] PHPenpals &quot;personalID&quot; SQL Injection Vulnerability

TITLE: PHPenpals "personalID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18269 VERIFY ADVISORY: http://secunia.com/advisories/18269/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: PHPenpals http://secunia.com/product/6718/ DESCRIPTION: Aliaksandr...