Lucene search
K

6 matches found

CVE
CVE
added 2007/12/28 9:0 p.m.38 views

CVE-2007-6586

CVE-2007-6586 is a SQL injection in nicLOR-CMS (sezione_news.php) that allows remote attackers to inject arbitrary SQL via the id parameter in a sezione page action to index.php. Affected: nicLOR-CMS, sezione_news.php; impact per sources is partial confidentiality/integrity/availability. Exploit ...

7.5CVSS8.3AI score0.00996EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2007/12/24 12:0 a.m.17 views

nicLOR CMS sezione_news.php SQL注入漏洞

BUGTRAQ ID: 26983 CNCAN ID:CNCAN-2007122410 nicLOR CMS是一款基于PHP的WEB应用程序。 nicLOR CMS不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'sezionenews.php'脚本对用户提交的'id'参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 nicLOR nicLOR 16-04-06 目前没有解决方案提供: http://www.niclor.net/...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2007/12/22 12:0 a.m.21 views

nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability

No description provided by source. Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php ?php ... $intSezioneID = $GET'id'; ... $strSQL =...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/12/21 12:0 a.m.15 views

nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ nicLOR CMS sezionenews.php Remote SQL Injection Vulnerability ================================================================ Name : nicLOR-CMS SQL Injection Vulnerability...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/12/21 12:0 a.m.12 views

nicLOR CMS - sezione_news.php SQL Injection

nicLOR CMS - sezionenews.php SQL Injection Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php So we can exploit the $intSezioneID and...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/21 12:0 a.m.32 views

nicLOR CMS - 'sezione_news.php' SQL Injection

Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php So we can exploit the $intSezioneID and execute an sql injection. PoC:...

7.4AI score
Exploits0
Rows per page
Query Builder