14 matches found
EUVD-2009-0600
Malware in sbrugna...
EUVD-2008-6128
Malware in sbrugna...
EUVD-2009-2333
Malware in sbrugna...
Sql injection
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spamid parameter...
CVE-2009-2337
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spamid parameter...
CVE-2009-2337
The CVE-2009-2337 issue affects the w3b|cms Gaestebuch Guestbook Module 3.0.0, where a SQL injection vulnerability exists in includes/module/book/index.inc.php. The underlying cause is an unparameterized SQL query that can be exploited when magic_quotes_gpc is disabled, enabling remote attackers ...
CVE-2009-2337
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spamid parameter...
CVE-2008-6158
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
CVE-2008-6158
Technical details (affected product/versions, root cause, exploit vectors, or impact specifics) are not publicly available in the provided documents. Monitor for updates.
CVE-2008-6158
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
Sql injection
SQL injection vulnerability in admin/index.php in w3bcms aka w3blabor CMS before 3.4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the benutzername parameter aka Username field in a login action...
CVE-2009-0597
SQL injection vulnerability in admin/index.php in w3bcms aka w3blabor CMS before 3.4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the benutzername parameter aka Username field in a login action...
CVE-2009-0597
CVE-2009-0597 describes an SQL injection in the w3b>cms (aka w3blabor CMS) admin/index.php before version 3.4.0, exploitable when magic_quotes_gpc is disabled. A remote attacker can inject SQL via the benutzername (Username) field in the login action, potentially executing arbitrary SQL comman...