18 matches found
EUVD-2006-1707
Malware in sbrugna...
EUVD-2006-1708
Malware in sbrugna...
ShopWeezle 2.0 memo.php itemID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
ShopWeezle 2.0 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
ShopWeezle 2.0 login.php itemID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
CVE-2006-1706
Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 itemID parameter to a login.php and b memo.php; and the 2 itemgr, 3 brandID, and 4 album parameters to c index.php. NOTE: this issue also produces resultant full path...
CVE-2006-1707
index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter...
Sql injection
Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 itemID parameter to a login.php and b memo.php; and the 2 itemgr, 3 brandID, and 4 album parameters to c index.php. NOTE: this issue also produces resultant full path...
CVE-2006-1707
index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter...
CVE-2006-1706
Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 itemID parameter to a login.php and b memo.php; and the 2 itemgr, 3 brandID, and 4 album parameters to c index.php. NOTE: this issue also produces resultant full path...
CVE-2006-1707
The CVE-2006-1707 issue affects Shopweezle 2.0, where index.php permits remote attackers to include arbitrary local files via the url parameter. This indicates a local-file inclusion-style vulnerability in the web application’s handling of the url parameter, enabling an attacker to read or includ...
CVE-2006-1706
CVE-2006-1706 affects Shopweezle 2.0. The vulnerability is a SQL injection in multiple parameters: (1) itemID used in login.php and memo.php; and (2) itemgr, brandID, and album used in index.php. The issues can allow remote attackers to execute arbitrary SQL commands and may cause full path discl...
ShopWeezle 2.0 - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
ShopWeezle 2.0 - login.php?itemID SQL Injection
ShopWeezle 2.0 - login.php?itemID SQL Injection source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
ShopWeezle 2.0 - index.php Multiple SQL Injections
ShopWeezle 2.0 - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
Shopweezle 2.0 multiple vuln.
Shopweezle 2.0 multiple vuln. Vuln. discovered by : r0t Date: 9 april 2006 vendor:http://shopweezle.de/ affected versions: ShopWeezle PERSONAL ShopWeezle PROFESSIONAL ShopWeezle PROFESSIONAL+ orginal advisory: http://pridels.blogspot.com/2006/04/shopweezle-20-multiple-vuln.html Vuln. description:...
ShopWeezle 2.0 - memo.php?itemID SQL Injection
ShopWeezle 2.0 - memo.php?itemID SQL Injection source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
ShopWeezle 2.0 - 'login.php?itemID' SQL Injection
source: https://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...