Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-0709

Malware in sbrugna...

7.5CVSS6.4AI score0.00951EPSS
Exploits0References4
NVD
NVD
added 2009/02/23 3:30 p.m.19 views

CVE-2009-0709

SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.1AI score0.00951EPSS
Exploits0References3
NVD
NVD
added 2009/02/23 3:30 p.m.28 views

CVE-2009-0711

filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some...

5CVSS7.3AI score0.01208EPSS
Exploits0References3
Prion
Prion
added 2009/02/23 3:30 p.m.16 views

Sql injection

filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some...

5CVSS8AI score0.01208EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/02/23 3:30 p.m.13 views

Sql injection

SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.8AI score0.00951EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/02/23 3:0 p.m.49 views

CVE-2009-0709

The CVE-2009-0709 entry describes a SQL injection vulnerability in PHPFootball 1.6, specifically in login.php where the user parameter can be used by remote attackers to execute arbitrary SQL commands. Affected component: PHPFootball 1.6 (login.php). Underlying cause: unsanitized user input leadi...

7.5CVSS8.3AI score0.00951EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/02/23 3:0 p.m.50 views

CVE-2009-0710

CVE-2009-0710 : The connected documents describe two cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6. An attacker can inject arbitrary script or HTML via (1) the user parameter to login.php and (2) the dbfield parameter to filter.php. The notes do not provide details on affected ver...

4.3CVSS5.7AI score0.01507EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2009/01/01 12:0 a.m.13 views

PHPFootball 1.6 - Remote Hash Disclosure

PHPFootball 1.6 - Remote Hash Disclosure \n"; exit; else $head .= "GET /$path/filter.php?dbtable=Accounts&dbfield=Password HTTP/1.1\r\n"; $head .= "Host: $host\r\n"; $head .= "Connection: close\r\n\r\n"; $fsock = fsockopen $host,80; fputs $fsock,$head; while !feof$fsock $cont .= fgets$fsock;...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/01 12:0 a.m.41 views

PHPFootball 1.6 - Remote Hash Disclosure

\n"; exit; else $head .= "GET /$path/filter.php?dbtable=Accounts&dbfield=Password HTTP/1.1\r\n"; $head .= "Host: $host\r\n"; $head .= "Connection: close\r\n\r\n"; $fsock = fsockopen $host,80; fputs $fsock,$head; while !feof$fsock $cont .= fgets$fsock; fclose$fsock; if pregmatchall"/.+?/",$cont,$i...

7.4AI score
Exploits0
Prion
Prion
added 2008/07/30 6:41 p.m.12 views

Sql injection

SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter...

7.5CVSS9.1AI score0.00967EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/07/30 6:0 p.m.41 views

CVE-2008-3387

The CVE-2008-3387 entry concerns a SQL injection in show.php of PHPFootball 1.6, enabling remote attackers to execute arbitrary SQL commands via the dbtable parameter. The NVD-derived CVSSv2 metrics indicate a base score of 7.5 (HIGH) with network attack vector, low attack complexity, and no auth...

7.5CVSS8.4AI score0.00967EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2008/07/21 12:0 a.m.36 views

phpfootball-sql.txt

Viva IslaM Viva IslaM Remote SQL injection Vulnerability PHPFootball 1.6 show.php dbtable AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/07/20 12:0 a.m.22 views

PHPFootball 1.6 - SQL Injection

PHPFootball 1.6 - SQL Injection Viva IslaM Viva IslaM Remote SQL injection Vulnerability PHPFootball 1.6 show.php dbtable AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...

0.3AI score
Exploits0
EUVD
EUVD
added 2007/01/31 9:0 p.m.4 views

EUVD-2007-0636

show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information database contents via a % percent character in the dbfieldv parameter...

5CVSS6AI score0.03023EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2007/01/31 12:0 a.m.46 views

phpfootball16-disclose.txt

Title : PHPFootball 1.6 show.php Remote Database Disclosure Vulnerability Author : ajann Contact : : S.Page : http://phpfootball.sourceforge.net $$ : Free Dork : inurl:/phpfootball/ DBREAD--------------------------------------------------------- http://target/path//show.php VARIABLES Example:...

7.4AI score
Exploits0
Rows per page
Query Builder