26 matches found
EUVD-2005-0272
Malware in sbrugna...
EUVD-2004-2167
Malware in sbrugna...
EUVD-2005-0271
Malware in sbrugna...
All Enthusiast ReviewPost PHP Pro 2.5 showcat.php SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could be exploited to disclose sensitive...
All Enthusiast ReviewPost PHP Pro 2.5 showproduct.php SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9574/info It has been reported that ReviewPost PHP Pro may be prone to multiple SQL injection vulnerabilities that may allow an attacker to influence SQL query logic. This issue could be exploited to disclose sensitive...
SQL injection in ReviewPost PHP Pro
There is a flaw in ReviewPost PHP Pro which may allow a malicious attacker to inject arbitrary SQL queries which allows it to fetch data from the database. SPDX-FileCopyrightText: 2004 Astharot Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2004-2175
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the 1 product parameter to showproduct.php or 2 cat parameter to showcat.php...
CVE-2004-2175
The CVE-2004-2175 entry corresponds to SQL injection flaws in ReviewPost PHP Pro. Affected: ReviewPost PHP Pro web app; vulnerable in showproduct.php (product param) and showcat.php (cat param). Cause: unsanitized user input used in database queries. Impact: potential data disclosure and, per Ope...
CVE-2005-0272
ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions...
CVE-2005-0270
Multiple cross-site scripting XSS vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the 1 si parameter to showcat.php, 2 cat or 3 page parameter to showproduct.php, or 4 report parameter to reportproduct.php...
CVE-2005-0272
ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions...
CVE-2005-0270
Multiple cross-site scripting XSS vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the 1 si parameter to showcat.php, 2 cat or 3 page parameter to showproduct.php, or 4 report parameter to reportproduct.php...
CVE-2005-0271
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 cat parameter to showcat.php or 2 product parameter to addfav.php...
CVE-2005-0270
ReviewPost PHP Pro before 2.84 contains multiple XSS flaws. The vulnerabilities allow an attacker to inject arbitrary script via parameters: si in showcat.php, cat or page in showproduct.php, and report in reportproduct.php. Root cause appears to be insufficient input sanitization enabling cross-...
CVE-2005-0271
CVE-2005-0271 concerns ReviewPost (PHP Pro)
ReviewPost.txt
GulfTech Security Research January 02, 2005 Vendor : All Enthusiast, Inc. URL : http://www.reviewpost.com/ Version : ReviewPost PHP Pro All Versions Risk : Multiple Vulnerabilities Description: Your community of users represents a wealth of knowledge. Now your users can help build and maintain yo...
Serious Vulnerabilities In PhotoPost ReviewPost
GulfTech Security Research January 02, 2005 Vendor : All Enthusiast, Inc. URL : http://www.reviewpost.com/ Version : ReviewPost PHP Pro All Versions Risk : Multiple Vulnerabilities Description: Your community of users represents a wealth of knowledge. Now your users can help build and maintain yo...
CVE-2005-0271
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 cat parameter to showcat.php or 2 product parameter to addfav.php...
CVE-2004-2175
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the 1 product parameter to showproduct.php or 2 cat parameter to showcat.php...
ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro
ZH2004-04SA security advisory: Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro Published: 04 february 2004 Released: 04 february 2004 Name: ReviewPost PHP Pro Affected Systems: current and prior versions Issue: Sql Injection Vulnerability Author: G00db0y from Zone-h Security Labs -...