27 matches found
EUVD-2007-1338
Malware in sbrugna...
EUVD-2007-3415
Malware in sbrugna...
EUVD-2017-17870
Malware in sbrugna...
EUVD-2007-0784
Malware in sbrugna...
CVE-2017-8930
Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...
Multiple Cross-Site Request Forgery Vulnerabilities in Simple Invoices
Simple Invoices is an open source, free web-based invoicing system. Three cross-site request forgery vulnerabilities exist in Simple Invoices version 2013.1.beta.8. A remote attacker can use these vulnerabilities to create a new administrator user account and take control of the entire applicatio...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...
CVE-2017-8930
Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...
CVE-2017-8930
Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...
CVE-2017-8930
CVE-2017-8930 refers to multiple CSRF vulnerabilities in the open-source Simple Invoices 2013.1.beta.8. The issues allow remote attackers to hijack admin authentication and perform privileged actions, including: creating new administrator accounts and taking over the application, creating regular...
Simple Invoices Multiple XSS Vulnerabilities
Simple Invoices is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...
Sql injection
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...
CVE-2007-3430
CVE-2007-3430 describes an SQL injection vulnerability in index.php of Simple Invoices 2007 (dated 2007-05-25). The vulnerability allows remote attackers to execute arbitrary SQL commands via the submit parameter used in an email action. The available references indicate a remote, unauthenticated...
CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...
si2007-sql.txt
Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa...
Simple Invoices Index.PHP SQL注入漏洞
Simple Invoices是一款基于PHP的WEB应用程序。 Simple Invoices不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击获得敏感信息。 问题是由于'index.php'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可导致应用程序处理时更改原来的SQL逻辑,攻击者可以获得敏感信息或者操作数据库。 Simple Invoices 20070525 目前没有解决方案提供: http://www.simpleinvoices.org/ ?/ Exploit Name: Simple Invoices 2007 05 25...
Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Simple Invoices 2007 05 25 index.php submit SQL Injection Exploit =================================================================== 126 $result.=" ."; else $result.="...
Simple Invoices 2007 05 25 - index.php?submit SQL Injection
Simple Invoices 2007 05 25 - index.php?submit SQL Injection Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0;...
Simple Invoices 2007 05 25 - 'index.php?submit' SQL Injection
Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n...