12 matches found
EUVD-2018-17751
Malware in sbrugna...
Sql injection
SQL Injection exists in Easy Car Script 2014 via the sorder or srow parameter to sitesearch.php...
CVE-2018-5986
SQL Injection exists in Easy Car Script 2014 via the sorder or srow parameter to sitesearch.php...
CVE-2018-5986
SQL Injection exists in Easy Car Script 2014 via the sorder or srow parameter to sitesearch.php...
CVE-2018-5986
CVE-2018-5986 is an SQL injection in Easy Car Script 2014, triggered by the s_order or s_row parameter to site_search.php. The vulnerability allows injection of SQL commands and is documented in multiple sources (NVD, CNVD, CVE lists) with PoC/exploit references indicating remote exploitation. Co...
draftlogic.com XSS vulnerability
Vulnerable URL: http://www.draftlogic.com/sitesearch.php?keyword="/ =true=38=14 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9890149 VIP website status:| No Coordinated Disclosur...
EasyRealtorPRO 2008 'site_search.php' Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31401/info EasyRealtorPRO is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker t...
Sql injection
SQL injection vulnerability in sitesearch.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the 1 item, 2 searchordermethod, and 3 searchorder parameters...
CVE-2008-4328
SQL injection vulnerability in sitesearch.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the 1 item, 2 searchordermethod, and 3 searchorder parameters...
SQL Injection in EasyRealtorPRO 2008
Original article: http://www.davidsopas.com/2008/09/sql-injection-in-easyrealtorpro/ "EasyRealtorPRO 2008 provides you with all features you need to setup your own business oriented real estate website on your own domain name. Our support team will install the script on your server and then you c...
EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/31401/info EasyRealtorPRO is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, acce...
Unfixed XSS vulnerability at www.fitfuel.com
Security researcher cLtmstr, has submitted on 10/11/2007 a cross-site-scripting XSS vulnerability affecting www.fitfuel.com, which at the time of submission ranked 295322 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/11/2007. It is current...