4 matches found
CVE-2010-1046
CVE-2010-1046 affects Rostermain 1.1 and earlier, where multiple SQL injection vulnerabilities exist in index.php. The underlying issue is improper input handling in the (1) userid (username) and (2) password parameters, enabling remote attackers to inject and execute arbitrary SQL commands. The ...
Rostermain 1.1 SQL Injection
Rostermain + Download : http://scripts.ringsworld.com/games-and-entertainment/rostermain/ + Vuln Code : index.php if $POST'userid' && $POST'password' // if the user has just tried to log in $logquery = "select from users " ."where username='$userid' " ." and passwd='$password' "; + PoC : username...
Rostermain 1.1 - Authentication Bypass
Rostermain 1.1 - Authentication Bypass + Rostermain + Download : http://scripts.ringsworld.com/games-and-entertainment/rostermain/ + Vuln Code : index.php if $POST'userid' && $POST'password' // if the user has just tried to log in $logquery = "select from users " ."where username='$userid' " ." a...
Rostermain <= 1.1 (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== Rostermain = 1.1 Auth Bypass SQL Injection Vulnerability =========================================================== + Rostermain = 1.1 Auth Bypass SQL Injection Vulnerability +...