20 matches found
EUVD-2007-3503
Malware in sbrugna...
EUVD-2002-1943
Malware in sbrugna...
CVE-2002-1964
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors...
phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print phpEventCalendar = v0.2.3 SQL Injection Exploit By Iron - ironwarez.info Thanks to Silentz for the help : Greets to everyone at RootShell Security Group & dHack Example target url:...
phpEventCalendar 0.2.3 - Multiple Vulnerabilities
No description provided by source. phpEventCalendar v.0.2.3 Multiple Vulnerabilities ==================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
phpEventCalendar 0.2.3 - Multiple Vulnerabilities
phpEventCalendar 0.2.3 - Multiple Vulnerabilities phpEventCalendar v.0.2.3 Multiple Vulnerabilities ==================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:...
phpEventCalendar 0.2.3 - Multiple Vulnerabilities
phpEventCalendar v.0.2.3 Multiple Vulnerabilities ==================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.phpcodeworks.com/pec/download...
PHPEventCalendar Eventdisplay.PHP SQL注入漏洞
PHPEventCalendar是一款基于PHP的WEB应用程序。 PHPEventCalendar不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击获得敏感信息。 问题是由于'Eventdisplay.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可导致应用程序处理时更改原来的SQL逻辑,攻击者可以获得敏感信息或者操作数据库。 phpEventCalendar phpEventCalendar 0.2.3 phpEventCalendar phpEventCalendar 0.2.2 目前没有解决方案提供:...
Sql injection
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-3519
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-3519
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-3519
CVE-2007-3519 describes an SQL injection in the eventdisplay.php script of phpEventCalendar 0.2.3 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands through the id parameter. Affected component: PHP-based calendar application (eventdisplay.php). Root cause: u...
phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== phpEventCalendar ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "User id to retrieve name/password from? 1 = admin";...
phpeventcal-sql.txt
!/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print " phpEventCalendar ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "User id to retrieve name/password from? 1 = admin"; chomp$targetid=; $target .=...
phpEventCalendar 0.2.3 - eventdisplay.php SQL Injection
phpEventCalendar 0.2.3 - eventdisplay.php SQL Injection !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print " phpEventCalendar ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "User id to retrieve name/password from? 1 = admin";...
CVE-2002-1964
Technical details are not publicly available in the provided documents for CVE-2002-1964; no affected product/version or root causes are disclosed. Monitor for updates.
CVE-2002-1964
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors...
phpEventCalendar.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: phpEventCalendar HTML injection Vulnerability discovery: Madelman Date: 25/01/2005 Severity: Medium. Registered users can obtain other users cookies Summary: - -------- phpEventCalendar is a MySQL backed application that allows users to post an...
phpEventCalendar HTML injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: phpEventCalendar HTML injection Vulnerability discovery: Madelman madelman AT iname.com Date: 25/01/2005 Severity: Medium. Registered users can obtain other users cookies Summary: - -------- phpEventCalendar is a MySQL backed application that...
CVE-2002-1964
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors...