EUVD-2006-6987

Malware in sbrugna...

CVE-2006-7005

SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

PHP Script Tools PSY Auction 0 email_request.php user_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

PHP Script Tools PSY Auction 0 item.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

CVE-2006-7005

SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-7005

SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-7005

The CVE-2006-7005 entry describes an SQL injection in PSY Auction’s item.php, exploitable via the id parameter to allow remote execution of arbitrary SQL. The vulnerability is triggered through a manipulable id value, leading to partial confidentiality, integrity, and availability impact as per t...

CVE-2006-7004

The CVE-2006-7004 entry documents a Cross-site Scripting (XSS) vulnerability in the PSY Auction project, specifically in email_request.php, exploitable via the user_id parameter. The vulnerability description indicates that remote attackers can inject arbitrary web script or HTML, implying potent...

CVE-2006-7004

Cross-site scripting XSS vulnerability in emailrequest.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the userid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

PHP Script Tools PSY Auction - email_request.php?user_id Cross-Site Scripting

PHP Script Tools PSY Auction - emailrequest.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failur...

PHP Script Tools PSY Auction - item.php?id SQL Injection

PHP Script Tools PSY Auction - item.php?id SQL Injection source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the applicatio...

PHP Script Tools PSY Auction - 'item.php?id' SQL Injection

source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...

PHP Script Tools PSY Auction - 'email_request.php?user_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...