11 matches found
EUVD-2006-0073
Malware in sbrugna...
VEGO Web Forum index.php theme_id Parameter SQL Injection - Ver2 (CVE-2006-0065)
An SQL injection vulnerability has been reported in VEGO Web Forum. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
VEGO Web Forum login.php username Parameter SQL Injection - Ver2 (CVE-2006-0067)
An SQL injection vulnerability has been reported in VEGO Links Builder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
VEGO Web Forum index.php theme_id Parameter SQL Injection - Ver2 (CVE-2006-0065)
An SQL injection vulnerability has been reported in VEGO Web Forum. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
[eVuln] VEGO Web Forum SQL Injection Vulnerability
New eVuln Advisory: VEGO Web Forum SQL Injection Vulnerability --------------------Summary---------------- Vendor: VEGO Software: VEGO Web Forum Versions: 1.26 and earlier Critical Level: Moderate Type: SQL Injection Remote: yes Status: Unpatched Exploit: Available Solution: Not Available...
EV0001.txt
New eVuln Advisory: VEGO Web Forum SQL Injection Vulnerability --------------------Summary---------------- Vendor: VEGO Software: VEGO Web Forum Versions: 1.26 and earlier Critical Level: Moderate Type: SQL Injection Remote: yes Status: Unpatched Exploit: Available Solution: Not Available...
CVE-2006-0065
SQL injection vulnerability in 1 functions.php, 2 functionsupdate.php, and 3 functionsdisplay.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the themeid parameter in index.php...
CVE-2006-0065
CVE-2006-0065 describes an SQL injection vulnerability in VEGO Web Forum versions up to and including 1.26, affecting (1) functions.php, (2) functions_update.php, and (3) functions_display.php. The flaw allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index....
CVE-2006-0065
SQL injection vulnerability in 1 functions.php, 2 functionsupdate.php, and 3 functionsdisplay.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the themeid parameter in index.php...
[SA18273] VEGO Web Forum "theme_id" SQL Injection Vulnerability
TITLE: VEGO Web Forum "themeid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18273 VERIFY ADVISORY: http://secunia.com/advisories/18273/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: VEGO Web Forum 1.x http://secunia.com/product/6722/ DESCRIPTION:...
VEGO Web Forum 1.x - Theme_ID SQL Injection
VEGO Web Forum 1.x - ThemeID SQL Injection source: https://www.securityfocus.com/bid/16107/info VEGO Web Forum is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...