31 matches found
EUVD-2007-4579
Malware in sbrugna...
EUVD-2007-2542
Malware in sbrugna...
EUVD-2007-2541
Malware in sbrugna...
EUVD-2007-2540
Malware in sbrugna...
TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23662/info Sunshop is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19382/info PHP Simple Shop is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to execute arbitrary malicious PHP code in the context of the webserver process. This may facilitat...
TurnkeyWebTools SunShop Shopping Cart 4.0 index.php l Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal...
TurnkeyWebTools SunShop Shopping Cart 4.0 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal...
sunshop414-sql.txt
GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop queryfirst"SELECT FROM ".$dbprefix."usersregistry WHERE id='".$POSTid."' AND userid='".$sess-gvar'userid'."'"; $data = filterdata$data; $out =...
SunShop <= 4.1.4 SQL Injection
GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for web masters to run their own onlin...
sunshop-blindsql.txt
!/usr/bin/perl -w use LWP::UserAgent; scripts : SunShop Version 3.5.1 Remote Blind Sql Injection scripts site : http://www.turnkeywebtools.com/sunshop/ Discovered By : irvian site : http://irvian.cn email : [email protected] print "\r\n+-----------------------------------------+\r\n"; print...
Sql injection
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the scid parameter in a searchlist action, a different vector than CVE-2007-2549...
CVE-2007-4597
Technical details about CVE-2007-4597 are not publicly provided in the supplied connected documents; monitor for updates.
sunshop-sql.txt
!/usr/bin/perl -w Sunshop v4.0 new or die "Could not initialize browser\n"; $b-agent'Mozilla/4.0 compatible; MSIE 7.0; Windows NT 5.1'; $host = $ARGV0...
SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo------------------"; print "\n | SunShop v4.0 RC 6 search Blind SQL Injection |"; print "\n | k1tk4t - Indonesia -...
Sql injection
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the 1 c or 2 quantity parameter...
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the 1 c or 2 quantity parameter...
CVE-2007-2547
Cross-site scripting XSS vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter...