Debian: Security Advisory (DSA-2103-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

smbind <= 0.4.7 - SQL Injection Vulnerability

No description provided by source. smbind = v.0.4.7 Sql Injection Site: https://sourceforge.net/projects/smbind/files/ Reported on 28/08/2010 Author: IHTeam Buggy code: ifisset$POST'username' && isset$POST'password' if!filteralphanum, $POST'username' or !filteralphanum, $POST'password' dieUsernam...

[SECURITY] [DSA-2103-1] New smbind packages fix sql injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2103-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano September 05, 2010 http://www.debian.org/security/faq -...

Debian DSA-2103-1 : smbind - sql injection

It was discovered that smbind, a PHP-based tool for managing DNS zones for BIND, does not properly validating input. An unauthenticated remote attacker could execute arbitrary SQL commands or gain access to the admin account. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

[SECURITY] [DSA-2103-1] New smbind packages fix sql injection

------------------------------------------------------------------------ Debian Security Advisory DSA-2103-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano September 05, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA-2103-1] New smbind packages fix sql injection

------------------------------------------------------------------------ Debian Security Advisory DSA-2103-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano September 05, 2010 http://www.debian.org/security/faq -...

DSA-2103-1 smbind - sql injection

Bulletin has no description...

smbind 0.4.7 - SQL Injection

smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password field: anything Sql query will result like this: SELECT ID FROM users WHERE username = 'admin'; ' A...

smbind <= v.0.4.7 Sql Injection Vulnerability

Exploit for php platform in category web applications ============================================= smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password...