12 matches found
EUVD-2008-4979
Malware in sbrugna...
EUVD-2008-3475
Malware in sbrugna...
Sql injection
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the newsid parameter...
CVE-2008-5000
CVE-2008-5000 is an SQL injection vulnerability in PHPX 3.5.16, exploitable when magic_quotes_gpc is disabled. The flaw resides in admin/includes/news.inc.php, allowing remote attackers to inject arbitrary SQL via the news_id parameter (uppercase input). Multiple sources reference this PHPX issue...
PHPX 3.5.16 (news_id) Remote SQL Injection Exploit
No description provided by source. ?php errorreporting0; iniset"defaultsockettimeout",5; settimelimit0; / --------------------------------------------------- PHP X 3.5.16 newsid Remote SQL Injection Exploit --------------------------------------------------- By StAkeRathotmaildotit Download On...
PHPX 3.5.16 (news_id) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================== PHPX 3.5.16 newsid Remote SQL Injection Exploit ================================================== action = $GET'action'; 12. $this-newsid = $GET'newsid'; 13. 14. global $userinfo; 15...
PHPX 3.5.16 - news_id SQL Injection
PHPX 3.5.16 - newsid SQL Injection action = $GET'action'; 12. $this-newsid = $GET'newsid'; 13. 14. global $userinfo; 15. global $core; 16. 17. $this-core = $core; 18. 19. $this-userinfo = $userinfo; 20. 21. 22. 23. 24. if !$this-userinfo DIE"HACK ATTEMPT"; 25. if $this-userinfonews != 1 DIE"NO...
PHPX 3.5.16 - 'news_id' SQL Injection
action = $GET'action'; 12. $this-newsid = $GET'newsid'; 13. 14. global $userinfo; 15. global $core; 16. 17. $this-core = $core; 18. 19. $this-userinfo = $userinfo; 20. 21. 22. 23. 24. if !$this-userinfo DIE"HACK ATTEMPT"; 25. if $this-userinfonews != 1 DIE"NO ACCESS TO THIS MODULE"; 26. 27...
Sql injection
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...
CVE-2008-3489
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...
CVE-2008-3489
CVE-2008-3489 is an SQL injection vulnerability affecting PHPX 3.5.16, specifically in the checkCookie function within includes/functions.inc.php. The underlying issue enables remote attackers to inject and execute arbitrary SQL commands through a PXL cookie. Public sources in the connected docum...
CVE-2008-3489
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...