14 matches found
EUVD-2006-0668
Malware in sbrugna...
EUVD-2007-0341
Malware in sbrugna...
EUVD-2006-0861
Malware in sbrugna...
CVE-2007-0339
SQL injection vulnerability in index.php aka the login form in Scriptme SMe FileMailer 1.21 allows remote attackers to execute arbitrary SQL commands via the Password field ps parameter. NOTE: some of these details are obtained from third party information...
CVE-2007-0339
SQL injection vulnerability in index.php aka the login form in Scriptme SMe FileMailer 1.21 allows remote attackers to execute arbitrary SQL commands via the Password field ps parameter. NOTE: some of these details are obtained from third party information...
CVE-2007-0339
The CVE describes a SQL injection in Scriptme SMe FileMailer 1.21 through the login form (index.php). The vulnerability allows remote attackers to execute arbitrary SQL commands via the Password field (ps parameter). Root cause is unsafe handling of input in the login process, enabling database c...
Scriptme SmE File Mailer Login SQL注入漏洞
Scriptme SmE File Mailer是一款基于PHP的站点构架程序。 Scriptme SmE File Mailer不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,未授权访问应用程序。 问题是登录脚本对用户提交的密码参数缺少过滤,提交恶意SQL代码作为数据,可导致无需验证访问应用程序。 scriptme SmE File Mailer 1.21 目前没有解决方案提供: http://www.scriptme.com/ Login: admin Password: anything' OR 'x'='x...
Scriptme SmE 1.21 - File Mailer Login SQL Injection
source: https://www.securityfocus.com/bid/22081/info SmE File Mailer is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, acces...
CVE-2006-0856
The CVE-2006-0856 entry describes a SQL injection in login.php of Scriptme SmE GB Host 1.21 that lets remote attackers execute arbitrary SQL and bypass authentication via the Username parameter. Affected software is Scriptme SmE GB Host 1.21; the vulnerability arises from improper handling of the...
[eVuln] Scriptme products BBCode 'url' XSS Vulnerability
New eVuln Advisory: Scriptme products BBCode 'url' XSS Vulnerability http://evuln.com/vulns/65/summary.html --------------------Summary---------------- eVuln ID: EV0065 CVE: CVE-2006-0661 Vendor: Scriptme Vendor's Web Site: http://www.scriptme.com/ Software: "SmE GB Host" "SmE Blog Host" Versions...
CVE-2006-0661
Cross-site scripting XSS vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag...
Cross site scripting
Cross-site scripting XSS vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag...
CVE-2006-0661
Cross-site scripting XSS vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag...
CVE-2006-0661
The CVE-2006-0661 entry concerns a Cross-Site Scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host, exploitable via the BBcode [url] tag to inject arbitrary script/HTML. Affected components: Scriptme SmE GB Host 1.21 and SmE Blog Host. Root cause and impact: XSS allowing r...