14 matches found
EUVD-2008-0138
Malware in sbrugna...
PHPStats 0.1.9 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23003/info Php-Stats is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker ...
phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...
PHPStats 0.1.9 PHP-Stats-Options.PHP Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23008/info PhpStats is prone to a remote code-execution vulnerability because the application fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary PHP code on an affected compute...
CVE-2008-0125
Cross-site scripting XSS vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter...
CVE-2008-0125
Cross-site scripting XSS vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter...
CVE-2008-0125
CVE-2008-0125 describes a cross-site scripting (XSS) vulnerability in phpstats.php of Michael Wagner’s phpstats 0.1 alpha, exploitable via the baseDir parameter. The issue allows remote attackers to inject arbitrary web script or HTML. Public sources consistently identify phpstats 0.1_alpha as th...
Cross Site Scripting (XSS) in phpstats 0.1_alpha, CVE-2008-0125
Online at: http://int21.de/cve/CVE-2008-0125-phpstats.html Cross Site Scripting XSS in phpstats 0.1alpha, CVE-2008-0125 References https://vulners.com/cve/CVE-2008-0125 http://www.michael-wagner.de/software/phpstats/ Description phpstats is a tool creating statistic information about a file tree...
phpstats0.1-xss.txt
Online at: http://int21.de/cve/CVE-2008-0125-phpstats.html Cross Site Scripting XSS in phpstats 0.1alpha, CVE-2008-0125 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0125 http://www.michael-wagner.de/software/phpstats/ Description phpstats is a tool creating statistic...
phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script...
PHPStats SQL注入漏洞
PHPStats是一款基于PHP的WEB应用程序。 PHPStats不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'php-stats.recphp.php'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 PhpStats 0.1.9 1b 目前没有解决方案提供: http://www.phpstats.net/ ?php printr'...
phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution
phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution source: https://www.securityfocus.com/bid/23008/info PhpStats is prone to a remote code-execution vulnerability because the application fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary PHP...
phpStats 0.1.9 - 'PHP-Stats-options.php' Remote Code Execution
source: https://www.securityfocus.com/bid/23008/info PhpStats is prone to a remote code-execution vulnerability because the application fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the...