20 matches found
EUVD-2009-0827
Malware in sbrugna...
EUVD-2009-0826
Malware in sbrugna...
EUVD-2009-0825
Malware in sbrugna...
CVE-2009-0830
Cross-site scripting XSS vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the 1 QuoteName and 2 QuoteText parameters to quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0828
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...
Cross site scripting
Cross-site scripting XSS vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the 1 QuoteName and 2 QuoteText parameters to quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Improper access control
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...
Sql injection
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the 1 MyBox and 2 selectFavorites parameters to a quotes.php and the 3 QuoteName and 4 QuoteText parameters to b quotesadd.php. NOTE: the provenance of this information is unknown; the...
CVE-2009-0829
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the 1 MyBox and 2 selectFavorites parameters to a quotes.php and the 3 QuoteName and 4 QuoteText parameters to b quotesadd.php. NOTE: the provenance of this information is unknown; the...
CVE-2009-0830
Cross-site scripting XSS vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the 1 QuoteName and 2 QuoteText parameters to quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0828
The CVE-2009-0828 entry concerns QuoteBook, where quotes.inc is stored under the web root with insufficient access control. The root cause is improper access restrictions, allowing remote attackers to directly access the database and obtain sensitive information, including user credentials. The a...
CVE-2009-0829
CVE-2009-0829 involves multiple SQL injection vulnerabilities in QuoteBook. The flaws allow remote attackers to execute arbitrary SQL commands by supplying crafted input through the following parameters: (1) MyBox and (2) selectFavorites to quotes.php, and (3) QuoteName and (4) QuoteText to quote...
CVE-2009-0830
CVE-2009-0830 describes a cross-site scripting (XSS) vulnerability in QuoteBook that allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php. The root cause is unvalidated/unsanitized input in these fields, enabling script...
CVE-2009-0828
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...
CVE-2009-0829
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the 1 MyBox and 2 selectFavorites parameters to a quotes.php and the 3 QuoteName and 4 QuoteText parameters to b quotesadd.php. NOTE: the provenance of this information is unknown; the...
QuoteBook (poll.inc) Remote Config File Disclosure Vulnerability
No description provided by source. -----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
QuoteBook - Remote Configuration File Disclosure
QuoteBook - Remote Configuration File Disclosure -----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || //...
QuoteBook - Remote Configuration File Disclosure
-----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
QuoteBook (poll.inc) Remote Config File Disclosure Vulnerability
Exploit for unknown platform in category web applications ================================================================ QuoteBook poll.inc Remote Config File Disclosure Vulnerability ================================================================...
QuoteBook Configuration File Disclosure
-----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...