Lucene search
K

161 matches found

Prion
Prion
added 2008/08/22 4:41 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in an editregistry action to index.php, 2 a vector involving the checkemail function, and other vectors...

7.5CVSS9.2AI score0.01573EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2008/08/22 4:41 p.m.20 views

CVE-2008-3768

Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in an editregistry action to index.php, 2 a vector involving the checkemail function, and other vectors...

7.5CVSS8.4AI score0.01573EPSS
Exploits1References8
CVE
CVE
added 2008/08/22 4:0 p.m.40 views

CVE-2008-3768

The vulnerability is in Turnkey Web Tools SunShop Shopping Cart before 4.1.5, affecting the file component class.ajax.php . The CVE-2008-3768 entry describes multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. Exploitation paths include (1) the id...

7.5CVSS8.4AI score0.01573EPSS
Exploits1References8Affected Software1
seebug.org
seebug.org
added 2008/08/21 12:0 a.m.19 views

SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability

No description provided by source. GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/08/19 12:0 a.m.27 views

SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ======================================================== SunShop queryfirst"SELECT FROM ".$dbprefix."usersr...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/08/19 12:0 a.m.22 views

PHP Live Helper &lt;= 2.0.1 Multiple Remoet Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/08/19 12:0 a.m.18 views

SunShop Shopping Cart 4.1.4 - id SQL Injection

SunShop Shopping Cart 4.1.4 - id SQL Injection GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop queryfirst"SELECT FROM ".$dbprefix."usersregistry WHERE id='".$POSTid."' AND userid='".$sess-gvar'userid'."'"; $data =...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/19 12:0 a.m.31 views

SunShop Shopping Cart 4.1.4 - &#039;id&#039; SQL Injection

GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop queryfirst"SELECT FROM ".$dbprefix."usersregistry WHERE id='".$POSTid."' AND userid='".$sess-gvar'userid'."'"; $data = filterdata$data; $out =...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/08/18 12:0 a.m.22 views

PHP Live Helper <= 2.0.1 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/08/18 12:0 a.m.95 views

PHP Live Helper &lt;= 2.0.1 Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows the visitors of a website to intera...

1.7AI score
Exploits0
exploitpack
exploitpack
added 2008/08/18 12:0 a.m.20 views

PHP Live Helper 2.0.1 - Multiple Vulnerabilities

PHP Live Helper 2.0.1 - Multiple Vulnerabilities GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/08/18 12:0 a.m.23 views

phplivehelper-sqlexec.txt

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach $result as $key = $val $info$key = stripslashes$val;...

Exploits0
seebug.org
seebug.org
added 2008/08/18 12:0 a.m.19 views

PHP Live Helper &lt;= 2.0.1 Multiple Remote Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/18 12:0 a.m.32 views

PHP Live Helper 2.0.1 - Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach $result as $key = $val $info$key = stripslashes$val;...

7.4AI score
Exploits0
Prion
Prion
added 2008/07/02 5:14 p.m.9 views

Sql injection

SQL injection vulnerability in rating.php in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the bookid parameter...

7.5CVSS9.1AI score0.01137EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2008/07/02 5:14 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 query string to login.php and the 2 glbsid parameter to hta/htmlarea.js.php, and allow remote authenticated...

4.3CVSS5.7AI score0.0173EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2008/07/02 5:14 p.m.14 views

CVE-2008-2968

SQL injection vulnerability in rating.php in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the bookid parameter...

7.5CVSS8.4AI score0.01137EPSS
Exploits0References6
Prion
Prion
added 2008/07/02 5:14 p.m.14 views

Session fixation

Multiple session fixation vulnerabilities in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to hijack web sessions by setting the PHPSESSID parameter to 1 index.php and 2 login.php in homepg/...

7.5CVSS7.4AI score0.02364EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2008/07/02 5:14 p.m.15 views

CVE-2008-2970

Multiple session fixation vulnerabilities in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to hijack web sessions by setting the PHPSESSID parameter to 1 index.php and 2 login.php in homepg/...

7.5CVSS6.9AI score0.02364EPSS
Exploits0References5
NVD
NVD
added 2008/07/02 5:14 p.m.14 views

CVE-2008-2969

Directory traversal vulnerability in download.php in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. dot dot in the dfile parameter...

5CVSS6.7AI score0.02832EPSS
Exploits0References5
Rows per page
Query Builder