11 matches found
EUVD-2008-5246
Malware in sbrugna...
EUVD-2008-3121
Malware in sbrugna...
pSys 0.7.0 Alpha - (chatbox.php) Remote SQL Injection Vulnerability
No description provided by source. '/ -.- ---------------------oOO------OOo-------------------- | pSys v0.7.0 Alpha chatbox.php Remote SQL Injection | | works only with magic quotes = off | | coded by DNX | -------------------------------------------------------- ! Discovered.: DNX ! Vendor.....:...
CVE-2008-5269
SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbitrary SQL commands via the shownews parameter...
Sql injection
SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbitrary SQL commands via the shownews parameter...
CVE-2008-5269
The connected records confirm a concrete vulnerability: in pSys 0.7.0 alpha, SQL injection permits remote attackers to execute arbitrary SQL via the shownews parameter in index.php. The root cause is unsanitized input leading to database command execution. Impact is partial confidentiality/integr...
CVE-2008-3131
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter...
CVE-2008-3131
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter...
CVE-2008-3131
CVE-2008-3131 affects pSys 0.7.0 Alpha, specifically the chatbox.php component. The vulnerability is a SQL injection triggered when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands via the showid parameter. The root cause is improper handling of user-suppl...
pSys 0.7.0.a (shownews) Remote SQL Injection Vulnerability
No description provided by source. pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid;...
psys-sql.txt
pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...