16 matches found
EUVD-2010-4973
Malware in sbrugna...
EUVD-2010-4971
Malware in sbrugna...
UTStats XSS, SQL Injection & Full path disclosure
No description provided by source. Exploit Title: UTStats XSS, SQL Injection & Full path disclosure Date: 13-06-2010 Author: LuM Member Software Link: http://www.unrealadmin.org/forums/showthread.php?t=29786 Version: All recent versions. Tested on: Windows 7 x64 CVE : none Code : There are most...
CVE-2010-5009
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action...
CVE-2010-5007
Cross-site scripting XSS vulnerability in pages/matchreport.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter...
CVE-2010-5007
Cross-site scripting XSS vulnerability in pages/matchreport.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter...
CVE-2010-5009
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action...
Cross site scripting
Cross-site scripting XSS vulnerability in pages/matchreport.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter...
CVE-2010-5009
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action...
CVE-2010-5007
Cross-site scripting XSS vulnerability in pages/matchreport.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter...
CVE-2010-5007
CVE-2010-5007 describes a reflected cross-site scripting (XSS) vulnerability in UTStats Beta 4 and earlier, exploitable through the mid parameter in pages/match_report.php. The issue allows remote attackers to inject arbitrary web script or HTML. The NVD entry lists a CVSSv2 base score of 4.3 (Me...
CVE-2010-5009
CVE-2010-5009 affects UTStats Beta 4 and earlier, where index.php is vulnerable to SQL injection via the pid parameter in the matchp action. The issue allows remote attackers to execute arbitrary SQL commands, enabling partial data confidentiality and integrity impact with no authentication and n...
UTStats Cross Site Scripting / Path Disclosure / SQL Injection
Exploit Title: UTStats XSS, SQL Injection & Full path disclosure Date: 13-06-2010 Author: LuM Member Software Link: http://www.unrealadmin.org/forums/showthread.php?t=29786 Version: All recent versions. Tested on: Windows 7 x64 CVE : none Code : There are most likely some more bugs in it. I didn'...
UTStats - Cross-Site Scripting / SQL Injection / Full Path Disclosure
Exploit Title: UTStats XSS, SQL Injection & Full path disclosure Date: 13-06-2010 Author: LuM Member Software Link: http://www.unrealadmin.org/forums/showthread.php?t=29786 Version: All recent versions. Tested on: Windows 7 x64 CVE : none Code : There are most likely some more bugs in it. I didn'...
UTStats - Cross-Site Scripting SQL Injection Full Path Disclosure
UTStats - Cross-Site Scripting SQL Injection Full Path Disclosure Exploit Title: UTStats XSS, SQL Injection & Full path disclosure Date: 13-06-2010 Author: LuM Member Software Link: http://www.unrealadmin.org/forums/showthread.php?t=29786 Version: All recent versions. Tested on: Windows 7 x64 CVE...
UTStats XSS / SQL Injection / Full path disclosure
Exploit for php platform in category web applications ================================================== UTStats XSS / SQL Injection / Full path disclosure ================================================== Exploit Title: UTStats XSS, SQL Injection & Full path disclosure Date: 13-06-2010 Author:...