CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

seebug.org•added 2007/04/03 12:0 a.m.•13 views

Picture-Engine Wall.PHP SQL注入漏洞

Picture-Engine是一款基于PHP的WEB应用程序。 Picture-Engine不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息。问题是'Wall.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL代码作为参数数据，可导致更改原来的SQL逻辑，获得敏感信息。 Alexscriptengine Picture-Engine 1.2 目前没有解决方案提供： http://www.alexscriptengine.com/ ? / Autor: Kacper Contact: [email protected] Homepage:...

7.1AI score

Exploits0

NVD•added 2007/03/31 10:19 a.m.•7 views

CVE-2007-1791

SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS8.4AI score0.01347EPSS

Exploits1References4

exploitpack•added 2007/03/29 12:0 a.m.•13 views

Picture-Engine 1.2.0 - wall.php?cat SQL Injection

Picture-Engine 1.2.0 - wall.php?cat SQL Injection 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

8.6AI score

Exploits0

seebug.org•added 2007/03/29 12:0 a.m.•31 views

Picture-Engine <= 1.2.0 (wall.php cat) Remote SQL Injection Exploit

No description provided by source. ? / Autor: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. Picture-Engine = V1.2.0 Remote SQL Injection Exploit script homepage/download/demo:...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by