EUVD-2007-6589

Malware in sbrugna...

Adam Ismay Print Topic Mod 1.0 - SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10757/info Print Topic Mod is reportedly affected by a remote SQL injection vulnerability in the 'printview.php' script. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo-------------------; print \n | webSPELL = v4.01.02 topic Remote SQL Injection |; print \n | coded by DNX |; print \n...

ShortCMS 1.11F(B) (con) - SQL Injection Vulnerability

No description provided by source. ShortCMS v. 1.11FB con SQL Injection Vulnerability Author : Gamoscu Homepage : http://www.1923turk.com Blog : http://gamoscu.wordpress.com/ Script : ShortCMS Download : http://www.shortcms.de/index.php?dwnldct Vulnerable File printview.php?func=con&pvid= SQL XpL...

PNphpBB2 <= 1.2i - (printview.php phpEx) Local File Inclusion Vuln

No description provided by source. .-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | |...

ShortCMS 1.11F(B) (con) - SQL Injection

ShortCMS v. 1.11FB con SQL Injection Vulnerability Author : Gamoscu Homepage : http://www.1923turk.com Blog : http://gamoscu.wordpress.com/ Script : ShortCMS Download : http://www.shortcms.de/index.php?dwnldct Vulnerable File printview.php?func=con&pvid= SQL XpL...

ShortCMS 1.11F(B) (con) - SQL Injection

ShortCMS 1.11FB con - SQL Injection ShortCMS v. 1.11FB con SQL Injection Vulnerability Author : Gamoscu Homepage : http://www.1923turk.com Blog : http://gamoscu.wordpress.com/ Script : ShortCMS Download : http://www.shortcms.de/index.php?dwnldct Vulnerable File printview.php?func=con&pvid= SQL Xp...

Directory traversal

Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the phpEx parameter...

CVE-2007-6624

The CVE-2007-6624 issue is a directory traversal/local file inclusion vulnerability in PNphpBB2 1.2i and earlier, exploitable via a .. in the phpEx parameter of printview.php. The active impact is indicated as partial confidentiality, integrity, and availability (CVSS v2 base score 6.8). The vuln...

PNphpBB2 'printview.php'本地文件包含漏洞

BUGTRAQ ID: 27039 CNCAN ID:CNCAN-2007122805 PNphpBB2是一款基于PHP的WEB应用程序。 PNphpBB2不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'printview.php'脚本对用户提交的'phpEx'参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB权限查看系统文件内容。 PNphpBB2 1.2.0 i 厂商解决方案 ------------ 目前没有解决方案提供： http://www.pnphpbb.com/...

PNphpBB2 <= 1.2i (printview.php phpEx) Local File Inclusion Vuln

Exploit for unknown platform in category web applications ================================================================ PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln ================================================================...

PNPHPBB2 1.2i - PHPEx Local File Inclusion

PNPHPBB2 1.2i - PHPEx Local File Inclusion .-----------------------------------------------------------------------------. | vuln.: PNphpBB2 = 1.2i printview.php phpEx Local File Inclusion Vuln. | | download: http://www.pnphpbb.com/ | | dorks: Powered by PNphpBB2 / Powered por PNphpBB2 | |...

CVE-2007-1163

SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783...

Sql injection

SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783...

CVE-2007-1163

Affected software/module: webSPELL 4.01.02 and earlier; vulnerable file: printview.php. Vulnerability: SQL injection via the topic parameter that allows remote attackers to execute arbitrary SQL commands. This reflects the same issue described across the CVE-2007-1163 entries, using a different v...

CVE-2007-1163

SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783...

webSPELL &lt;= v4.01.02 (topic) Remote SQL Injection

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL = v4.01.02 topic Remote SQL Injection |"; print "\n | coded by DNX |"; print "\n...

webspell-sql.txt

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -ti...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================== webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -tid no Valid topic-ID"; print "\n -uid no User-ID, default ...

webSPELL 4.01.02 - &#039;topic&#039; SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -ti...