EUVD-2008-6230

Malware in sbrugna...

EUVD-2008-3229

Malware in sbrugna...

Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...

Ultrastats 0.3.16 SQL Injection Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Ultrastats 0.3.16 SQL Injection Vulnerability + Home: 1337day.com Inj3ct0r Exploit DataBase + Date: 09-09-2012 + Category: WebApp + Google Dork: intext:Created 2005-2008 - By deltaray Support Forums |...

Sql injection

SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter...

CVE-2008-6260

SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter...

CVE-2008-6260

SQL injection in Ultrastats affects index.php for versions 0.2.144 and 0.3.11, exploitable via the serverid parameter. The root cause is improper input handling in index.php enabling arbitrary SQL commands. Impact is partial confidentiality, integrity, and availability depending on the app’s DB i...

CVE-2008-6260

SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter...

ultrastats-sql.txt

||| ||| ||| ||| ||| |||| ||| |||||||||||| +++++++++++ ++++++++++++ ++++++++++++ | ++++++++++++| | ++++++++ | | ++ | |+| Ultrastats exploit by eeee eeee e e -------------------- 8 8 8 8 8eee 8eee 8eee8e 88 88 88 8 88ee 88ee 88 8 --- mail: [email protected] - Greetz to:...

Ultrastats 0.2.144/0.3.11 - &#039;serverid&#039; SQL Injection

||| ||| ||| ||| ||| |||| ||| |||||||||||| +++++++++++ ++++++++++++ ++++++++++++ | ++++++++++++| | ++++++++ | | ++ | |+| Ultrastats exploit by eeee eeee e e -------------------- 8 8 8 8 8eee 8eee 8eee8e 88 88 88 8 88ee 88ee 88 8 --- mail: [email protected]...

Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability

No description provided by source. ||| ||| ||| ||| ||| |||| ||| |||||||||||| +++++++++++ ++++++++++++ ++++++++++++ | ++++++++++++| | ++++++++ | | ++ | |+| Ultrastats exploit by eeee eeee e e -------------------- 8 8 8 8 8eee 8eee 8eee8e 88 88 88 8 88ee 88ee 88 8 --- mail: [email protected]...

Ultrastats 0.2.1440.3.11 - serverid SQL Injection

Ultrastats 0.2.1440.3.11 - serverid SQL Injection ||| ||| ||| ||| ||| |||| ||| |||||||||||| +++++++++++ ++++++++++++ ++++++++++++ | ++++++++++++| | ++++++++ | | ++ | |+| Ultrastats exploit by eeee eeee e e -------------------- 8 8 8 8 8eee 8eee 8eee8e 88 88 88 8 88ee 88ee 88 8 --- mail: hexdez@nm...

Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================================== Ultrastats 0.2.144/0.3.11 index.php serverid SQL Injection Vulnerability ========================================================================== ||| ||| ||| |||...

Sql injection

SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-3241

SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-3241

SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-3241

CVE-2008-3241 describes a SQL injection vulnerability in UltraStats versions 0.2.136, 0.2.140, and 0.2.142, in players-detail.php where the id parameter can be exploited by remote attackers to execute arbitrary SQL commands. The connected documents confirm the affected software and the nature of ...

UltraStats 'players-detail.php' SQL注入漏洞

BUGTRAQ ID: 30212 CNCAN ID：CNCAN-2008071501 UltraStats是一款基于PHP的WEB应用程序。 UltraStats不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。 问题由于'players-detail.php'脚本对用户提交给WEB参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 UltraStats 0.2.142 目前没有解决方案提供：...

ultrastats-blindsql.txt

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very flexable log analyzing tool for Call of...

Ultrastats &lt;= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...