24 matches found
EUVD-2006-0087
Malware in sbrugna...
EUVD-2003-1545
Malware in sbrugna...
EUVD-2003-1544
Malware in sbrugna...
ScozNet ScozBook 1.1 AdminName Variable SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16115/info ScozNet ScozBook is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
ScozBook 1.1 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7236/info A path disclosure vulnerability has been reported for ScozBook. The issue occurs when a request is made to the view.php script page. Access to sensitive filesystem information may aid an attacker in launching...
ScozBook auth.php adminname Parameter SQL Injection - Ver2 (CVE-2006-0079)
An SQL injection vulnerability has been reported in ScozNet ScozBook BETA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
ScozBook auth.php adminname Parameter SQL Injection - Ver2 (CVE-2006-0079)
An SQL injection vulnerability has been reported in ScozNet ScozBook BETA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2003-1555
ScozNet ScozBook 1.1 BETA is affected by a vulnerability in view.php where an invalid PG parameter triggers an error message that reveals the installation path, causing information disclosure. Affected component: ScozBook web frontend (view.php). Root cause: improper handling of the PG parameter ...
CVE-2003-1554
CVE-2003-1554 corresponds to a cross-site scripting (XSS) vulnerability in ScozNet ScozBook 1.1 BETA. The flaw resides in scozbook/add.php, allowing an attacker to inject arbitrary script/HTML via the 6 parameters: username, useremail, aim, msn, sitename, and siteaddy. The NASL/OSS Nessus entry a...
CVE-2003-1555
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message...
CVE-2006-0079
SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field adminname variable...
CVE-2006-0079
CVE-2006-0079 describes an SQL injection vulnerability in ScozNet ScozBook BETA 1.1, specifically in auth.php via the adminname (username) field. The underlying issue is unsanitized input allowing a remote attacker to inject arbitrary SQL commands. Documents corroborate exploitation potential and...
CVE-2006-0079
SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field adminname variable...
EV0011.txt
New eVuln Advisory: ScozBook "adminname" Authentication Bypass --------------------Summary---------------- Vendor: ScozNet Vendor's Web Site: http://www.scoznet.com/ Software: ScozBook Sowtware's Web Site: http://sourceforge.net/projects/scozbook/ Versions: BETA 1.1 Critical Level: Moderate Type:...
[eVuln] ScozBook "adminname" Authentication Bypass
New eVuln Advisory: ScozBook "adminname" Authentication Bypass --------------------Summary---------------- Vendor: ScozNet Vendor's Web Site: http://www.scoznet.com/ Software: ScozBook Sowtware's Web Site: http://sourceforge.net/projects/scozbook/ Versions: BETA 1.1 Critical Level: Moderate Type:...
ScozNet ScozBook 1.1 - AdminName SQL Injection
ScozNet ScozBook 1.1 - AdminName SQL Injection source: https://www.securityfocus.com/bid/16115/info ScozNet ScozBook is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
ScozNet ScozBook 1.1 - 'AdminName' SQL Injection
source: https://www.securityfocus.com/bid/16115/info ScozNet ScozBook is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
CVE-2003-1554
Cross-site scripting XSS vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the 1 username, 2 useremail, 3 aim, 4 msn, 5 sitename and 6 siteaddy variables...
CVE-2003-1555
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message...
ScozBook BETA 1.1 vulnerabilities
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: ScozBook BETA 1.1 vulnerabilities product: ScozBook BETA 1.1 vendor: http://www.scoznet.com risk: high date: 03/29/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/018.en.txt http://f0kp.iplus.ru/bz/018.ru.txt...