EUVD-2007-5691

Malware in sbrugna...

EUVD-2007-6028

Malware in sbrugna...

ProfileCMS <= 1.0 (id) Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...

ProfileCMS 1.0 - Remote File Upload Vulnerability Shell Upload Exploit

No description provided by source. ProfileCMS v1.0 Shell Upload Exploit Demo : http://slrate.com/ You can direct upload PHP shell instead of image while creating profile at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images. Dorks : Total...

adv84-K-159-2007.txt

ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni Date :...

Sql injection

Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 codes action in the profile-codes module, 2 videos action in the video-codes module, or 3 games action in the arcade-games module...

CVE-2007-6058

Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 codes action in the profile-codes module, 2 videos action in the video-codes module, or 3 games action in the arcade-games module...

CVE-2007-6058

ProfileCMS 1.0 and earlier contains multiple SQL injection flaws in index.php. The id parameter in three actions (profile-codes, video-codes, arcade-games) is exploitable, enabling remote attackers to execute arbitrary SQL via normal requests. The vulnerability is documented across multiple sourc...

CVE-2007-6058

Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 codes action in the profile-codes module, 2 videos action in the video-codes module, or 3 games action in the arcade-games module...

ProfileCMS ID SQL注入漏洞

ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability ProfileCMS是一款基于PHP的WEB应用程序。 ProfileCMS不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于多个脚本对用户提交的'id'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或可能操作数据库。 ProfileCMS 1.0 目前没有详细解决方案提供： http://www.profilecms.com/...

ProfileCMS &lt;= 1.0 (id) Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...

ProfileCMS 1.0 - &#039;id&#039; SQL Injection

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...

ProfileCMS <= 1.0 (id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================= ProfileCMS = 1.0 id Remote SQL Injection Vulnerability ========================================================= \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / /...

ProfileCMS 1.0 - id SQL Injection

ProfileCMS 1.0 - id SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...

CVE-2007-5720

Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile...

Unrestricted file upload

Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile...

CVE-2007-5720

Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile...

CVE-2007-5720

CVE-2007-5720 : Affected product: ProfileCMS 1.0. The vulnerability is an unrestricted file upload in the profiles script that allows remote attackers to upload and execute arbitrary PHP code via profile creation. The NVD entry lists a CVSS v2 base score of 6.8 (NETWORK, MEDIUM) with partial impa...

profile-upload.txt

ProfileCMS v1.0 Shell Upload Exploit Demo : http://slrate.com/ You can direct upload PHP shell instead of image while creating profile at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images. Dorks : "Total Generators & Widgets" "Powered By...

ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit

No description provided by source. ProfileCMS v1.0 Shell Upload Exploit Demo : http://slrate.com/ You can direct upload PHP shell instead of image while creating profile at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images. Dorks : "Total...