Sql injection

SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action...

CVE-2008-4642

AstroSPACES profile.php SQL Injection: in version 1.1.1, the id parameter in a view action is unvalidated, enabling remote attackers to inject arbitrary SQL via the vulnerable query. The issue is documented with a CVSSv2 base score of 7.5 (HIGH) and vector AV:N/AC:L/Au:N/C:P/I:P/A:P. Connected so...

AstroSPACES (id) Remote SQL Injection Vulnerability

No description provided by source. AstroSPACES profile.php SQL Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007 AUTHOR : TurkishWarriorr Sehitler Ölmez Vatan Bölünmez .... HOME : http://www.1923turk.org DORK : Powered By AstroSPACES EXPLOIT :...

astrospaces-sql.txt

AstroSPACES profile.php SQL Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007 AUTHOR : TurkishWarriorr Sehitler Ölmez Vatan Bölünmez .... HOME : http://www.1923turk.org DORK : Powered By AstroSPACES EXPLOIT :...

AstroSPACES 1.1.1 - 'id' SQL Injection

AstroSPACES profile.php SQL Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007 AUTHOR : TurkishWarriorr Sehitler Ölmez Vatan Bölünmez .... HOME : http://www.1923turk.org DORK : Powered By AstroSPACES EXPLOIT :...

AstroSPACES 1.1.1 - id SQL Injection

AstroSPACES 1.1.1 - id SQL Injection AstroSPACES profile.php SQL Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007 AUTHOR : TurkishWarriorr Sehitler Ölmez Vatan Bölünmez .... HOME : http://www.1923turk.org DORK : Powered By AstroSPACES EXPLOIT :...

Sql injection

Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 id parameter to showtopic.php and the 2 user parameter to profile.php...

CVE-2008-3718

Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 id parameter to showtopic.php and the 2 user parameter to profile.php...

CVE-2008-3718

CVE-2008-3718 involves multiple SQL injection vulnerabilities in cyberBB 0.6. The issue allows remote authenticated users to execute arbitrary SQL commands via the (1) id parameter to show_topic.php and (2) user parameter to profile.php. The affected component is cyberBB 0.6; root cause is input-...

CVE-2008-3718

Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 id parameter to showtopic.php and the 2 user parameter to profile.php...

cyberbb-sql.txt

Name : cyberBB v. 0.6 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, voo|doo, irk4z, and many, many more... Conditions : Magic quotes gpc = On & Off / User must be logged into source of /showtopic.php : 21. $id=$REQUEST'id'; 22. 23...

Sql injection

SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-3487

SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-3487

PHPAuction GPL Enhanced 2.51 is affected by a SQL injection in profile.php via the id parameter, allowing remote execution of arbitrary SQL commands. The root cause is input unsanitized in the id parameter; CVSSv2 base score 7.5 (HIGH) reflects network access, low attack complexity, no authentica...

PHPAuction GPL Enhanced 'profile.php' SQL注入漏洞

BUGTRAQ ID: 30501 CNCAN ID：CNCAN-2008080426 PHPAuction GPL Enhanced是一款基于PHP的WEB应用程序。 PHPAuction GPL Enhanced不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。 问题由于'profile.php'脚本对用户提交给'id'参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 PHPAuctions.info PHPAuction GPL Enhanced 2.51 目前没有解决方案提供：...

PHPAuction GPL Enhanced 2.51 (profile.php) SQL Injection Vulnerability

No description provided by source. || | | PHPAuction GPL Enhanced V2.51 profile.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | | script :...

phpAuction GPL Enhanced 2.51 - profile.php SQL Injection

phpAuction GPL Enhanced 2.51 - profile.php SQL Injection || | | PHPAuction GPL Enhanced V2.51 profile.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | ...

PHPAuction GPL Enhanced 2.51 (profile.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ====================================================================== PHPAuction GPL Enhanced 2.51 profile.php SQL Injection Vulnerability ====================================================================== || | | PHPAuction GPL Enhanc...

phpauctiongpl-sql.txt

|| | | PHPAuction GPL Enhanced V2.51 profile.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | | script : http://phpauctions.info/ | | DorK : /: ||...

phpAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection

|| | | PHPAuction GPL Enhanced V2.51 profile.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | | script : http://phpauctions.info/ | | DorK : /: ||...