23 matches found
EUVD-2008-6112
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...
CVE-2008-6749
CVE-2008-6749 affects FlexPHPDirectory 0.0.1. Multiple SQL injection vulnerabilities exist in admin/usercheck.php when magic_quotes_gpc is disabled, allowing remote attackers to injected arbitrary SQL via the checkuser and checkpass parameters. The issue is documented with an NVD entry and multip...
CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-6730
CVE-2008-6730 affects FlexPHPLink Pro versions 0.0.6 and 0.0.7. The vulnerability is a SQL injection in admin/usercheck.php that can be triggered when magic_quotes_gpc is disabled, allowing remote attackers to alter or disclose data via the checkuser (username) or checkpass (password) fields dire...
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-6241
CVE-2008-6241 affects FlexPHPSite versions 0.0.1 and 0.0.7. It describes SQL injection in admin/usercheck.php when magic_quotes_gpc is disabled, allowing remote attackers to modify or exfiltrate data via the checkuser (username) or checkpass (password) fields directed to admin/index.php. The NVD ...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-6142
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via 1 the checkuser parameter aka username field, or 2 the checkpass parameter aka password field, to...
CVE-2008-5927
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the 1 checkuser parameter aka username field or 2 checkpass parameter aka password field to admin/index.php. NOTE: some of these details are obtained fro...
Sql injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the 1 checkuser parameter aka username field or 2 checkpass parameter aka password field to admin/index.php. NOTE: some of these details are obtained fro...
CVE-2008-5927
CVE-2008-5927 describes multiple SQL injection vulnerabilities in FlexPHPNews 0.0.6, specifically in admin/usercheck.php. The attack surface is the login path at admin/index.php, where user-supplied inputs in the checkuser (username) and checkpass (password) parameters appear to be unsafely handl...
Flexphpic 0.0.x SQL Injection
Autore: S.W.A.T. Email: [email protected] Site: Www.BaTLaGH.coM Cms: Flexphpic 0.0.4 & Flexphpic Pro 0.0.3 Download: http://www.china-on-site.com/flexphpic/downloads.php Bug In \admin\usercheck.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...
Flexphpsite 0.0.1 SQL Injection
Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphpsiteen Version: 0.0.1 Download: http://www.china-on-site.com/flexphpsite/downloads.html Bug In \admin\usercheck.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and...
Flexphpic 0.0.x - Authentication Bypass
Flexphpic 0.0.x - Authentication Bypass Autore: S.W.A.T. Email: [email protected] Site: Www.BaTLaGH.coM Cms: Flexphpic 0.0.4 & Flexphpic Pro 0.0.3 Download: http://www.china-on-site.com/flexphpic/downloads.php Bug In \admin\usercheck.php $sql = "select username,adminid from linkexadmin where...
Flexphplink 0.0.x - Authentication Bypass
Flexphplink 0.0.x - Authentication Bypass Autore: x0r Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphplink Pro Version: 0.0.7 Download: http://www.china-on-site.com/flexphplink/downloads.html Bug In \admin\usercheck.php $sql = "select username,adminid from...