33 matches found
EUVD-2006-1805
Malware in sbrugna...
EUVD-2009-0707
Malware in sbrugna...
PowerClan <= 1.14a (footer.inc.php) Remote File Include Vulnerability
No description provided by source. +------------------------------------------------------------------------------------------- + PowerClan = 1.14a footer.inc.php Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Vendo...
PowerClan 1.14 Member.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17528/info PowerClan is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...
CVE-2009-0707
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter aka login field. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter aka login field. NOTE: some of these details are obtained from third party information...
CVE-2009-0707
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter aka login field. NOTE: some of these details are obtained from third party information...
CVE-2009-0707
CVE-2009-0707 is a SQL injection vulnerability in PowerClan 1.14a, specifically in admin/index.php where the loginemail parameter (login field) can be used to execute arbitrary SQL commands. The available connected documents confirm the affected component (admin/index.php), the software/version (...
PowerClan 1.14a SQL Injection
...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to my best friend in the...
PowerClan 1.14a (Auth Bypass) SQL Injection Vulnerability
No description provided by source. ...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hacke...
PowerClan 1.14a - Authentication Bypass
PowerClan 1.14a - Authentication Bypass ...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all...
PowerClan 1.14a - Authentication Bypass
...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to my best friend in the...
PowerClan 1.14a (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= PowerClan 1.14a Auth Bypass SQL Injection Vulnerability =========================================================...
DSECRG-08-020.txt
DSECRG-08-020 Digital Security Research Group DSecRG Advisory Application: PowerClan Versions Affected: 1.14a Vendor URL: http://www.powerscripts.org/ Bug: Remote/Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008 Author:...
[DSECRG-08-020] RFI-LFI in PowerClan 1.14a
DSECRG-08-020 Digital Security Research Group DSecRG Advisory Application: PowerClan Versions Affected: 1.14a Vendor URL: http://www.powerscripts.org/ Bug: Remote/Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008 Author:...
PowerClan Footer.Inc.PHP远程文件包含漏洞
PowerClan是一款基于PHP的WEB应用程序。 PowerClan不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Footer.Inc.PHP' 脚本对用户提交的'settingsfooter'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 PowerScripts Powerclan 1.14a - Apache Software Foundation Apache 1.3.9 - Apache Software Foundation Apache for Windows 1.3.9 目前没有解决方案提供:...
CVE-2006-6715
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsfooter parameter...
EUVD-2006-6698
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsfooter parameter...
CVE-2006-6715
PowerClan 1.14a and earlier is affected by a PHP remote file inclusion in footer.inc.php. The root cause is a user-controllable URL passed via the settings[footer] parameter when register_globals is enabled, allowing remote attackers to execute arbitrary PHP code. This vulnerability can enable co...
CVE-2006-6715
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsfooter parameter...