31 matches found
EUVD-2007-2540
Malware in sbrugna...
EUVD-2007-4579
Malware in sbrugna...
EUVD-2007-2541
Malware in sbrugna...
EUVD-2007-2542
Malware in sbrugna...
TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23662/info Sunshop is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
TurnkeyWebTools SunShop Shopping Cart 4.0 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal...
TurnkeyWebTools SunShop Shopping Cart 4.0 index.php l Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal...
TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19382/info PHP Simple Shop is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to execute arbitrary malicious PHP code in the context of the webserver process. This may facilitat...
sunshop414-sql.txt
GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop queryfirst"SELECT FROM ".$dbprefix."usersregistry WHERE id='".$POSTid."' AND userid='".$sess-gvar'userid'."'"; $data = filterdata$data; $out =...
SunShop <= 4.1.4 SQL Injection
GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for web masters to run their own onlin...
sunshop-blindsql.txt
!/usr/bin/perl -w use LWP::UserAgent; scripts : SunShop Version 3.5.1 Remote Blind Sql Injection scripts site : http://www.turnkeywebtools.com/sunshop/ Discovered By : irvian site : http://irvian.cn email : [email protected] print "\r\n+-----------------------------------------+\r\n"; print...
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
Sql injection
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
CVE-2007-4597
Technical details about CVE-2007-4597 are not publicly provided in the supplied connected documents; monitor for updates.
sunshop-sql.txt
!/usr/bin/perl -w Sunshop v4.0 new or die "Could not initialize browser\n"; $b-agent'Mozilla/4.0 compatible; MSIE 7.0; Windows NT 5.1'; $host = $ARGV0...
SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo------------------"; print "\n | SunShop v4.0 RC 6 search Blind SQL Injection |"; print "\n | k1tk4t - Indonesia -...
Code injection
Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation."...
Sql injection
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the 1 c or 2 quantity parameter...
CVE-2007-2547
Cross-site scripting XSS vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter...