EUVD-2009-1947

Malware in sbrugna...

EUVD-2009-1946

Malware in sbrugna...

propertymax pro free (sql/xss) Multiple Vulnerabilities

No description provided by source. + PropertyMax Pro FREE SQL/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + SQL Injection Auth Bypass Conditions : magicquotesgpc = off Go to : http://127.0.0.1/path/admin Login as : Username : 'or''=' Password...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action...

CVE-2009-1951

Cross-site scripting XSS vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action...

Sql injection

Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2009-1952

Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2009-1952

CVE-2009-1952 concerns multiple SQL injection vulnerabilities in the administrative login feature of PropertyMax Pro FREE 0.3. The root cause is improper handling of user-supplied inputs in the login process when magic_quotes_gpc is disabled, enabling remote attackers to craft (username, password...

CVE-2009-1951

Cross-site scripting XSS vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action...

CVE-2009-1952

Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

CVE-2009-1951

The CVE-2009-1951 entry concerns PropertyMax Pro FREE 0.3, where a Cross-site Scripting (XSS) vulnerability exists in index.php. The issue allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action. This is documented across multiple sources (NVD entry and ...

PropertyMax Pro FREE XSS / SQL Injection

PropertyMax Pro FREE SQL/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + SQL Injection Auth Bypass Conditions : magicquotesgpc = off Go to : http://127.0.0.1/path/admin Login as : Username : 'or''=' Password : 'or''=' + Cross-Site Scripting...

propertymax pro free - SQL Injection Cross-Site Scripting

propertymax pro free - SQL Injection Cross-Site Scripting + PropertyMax Pro FREE SQL/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + SQL Injection Auth Bypass Conditions : magicquotesgpc = off Go to : http://127.0.0.1/path/admin Login as :...