Lucene search
K

237 matches found

Cvelist
Cvelist
added 2006/09/14 10:0 a.m.25 views

CVE-2006-4782

src/index.php in WebSPELL 4.01.01 and earlier, when registerglobals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php...

6.3AI score0.03175EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/09/14 10:0 a.m.23 views

CVE-2006-4783

SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID parameter...

8.1AI score0.01129EPSS
Exploits1References5
CVE
CVE
added 2006/09/14 10:0 a.m.49 views

CVE-2006-4783

WebSPELL 4.01.01 and earlier are affected by an SQL injection in squads.php when register_globals is enabled. The vulnerability allows remote attackers to inject arbitrary SQL via the squadID parameter, enabling unauthorized database commands. The available sources confirm the affected file and p...

5.1CVSS8.2AI score0.01129EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/09/14 10:0 a.m.48 views

CVE-2006-4782

Technical details for CVE-2006-4782 are not provided in the connected documents. Monitor for updates.

5.4CVSS6.4AI score0.03175EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Storm
added 2006/09/13 12:0 a.m.61 views

webspell.txt

WebSPELL = 4.01.01 Accessible Database Backup Download Exploit Discovered by: Trex Visit: www.SecuritySector.org / www.UnderGround.ag Exploit: http://SITE/PATH/admin/database.php?action=write&userID=1 Solution: http://cms.webspell.org/index.php?site=files&file=15...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/09/12 12:0 a.m.13 views

webSPELL <= 4.01.01 Database Backup Download Vulnerability

No description provided by source. WebSPELL = 4.01.01 Accessible Database Backup Download Exploit Discovered by: Trex Visit: www.SecuritySector.org / www.UnderGround.ag Exploit: http://SITE/PATH/admin/database.php?action=write&userID=1 Solution: http://cms.webspell.org/index.php?site=files&file=1...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/09/12 12:0 a.m.15 views

webSPELL 4.01.01 - Database Backup Download

webSPELL 4.01.01 - Database Backup Download WebSPELL = 4.01.01 Accessible Database Backup Download Exploit Discovered by: Trex Visit: www.SecuritySector.org / www.UnderGround.ag Exploit: http://SITE/PATH/admin/database.php?action=write&userID=1 Solution:...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/09/12 12:0 a.m.23 views

webSPELL <= 4.01.01 Database Backup Download Vulnerability

Exploit for unknown platform in category web applications ========================================================== webSPELL = 4.01.01 Database Backup Download Vulnerability ========================================================== WebSPELL = 4.01.01 Accessible Database Backup Download Exploit...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/12 12:0 a.m.38 views

webSPELL 4.01.01 - Database Backup Download

WebSPELL = 4.01.01 Accessible Database Backup Download Exploit Discovered by: Trex Visit: www.SecuritySector.org / www.UnderGround.ag Exploit: http://SITE/PATH/admin/database.php?action=write&userID=1 Solution: http://cms.webspell.org/index.php?site=files&file=15 milw0rm.com 2006-09-12...

7.4AI score
Exploits0
NVD
NVD
added 2006/02/16 11:2 a.m.15 views

CVE-2006-0728

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands via the titleop parameter...

7.5CVSS7.8AI score0.01174EPSS
Exploits0References5
Prion
Prion
added 2006/02/16 11:2 a.m.14 views

Sql injection

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands via the titleop parameter...

7.5CVSS8.6AI score0.01174EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/02/16 11:0 a.m.24 views

CVE-2006-0728

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands via the titleop parameter...

7.8AI score0.01174EPSS
Exploits0References5
CVE
CVE
added 2006/02/16 11:0 a.m.53 views

CVE-2006-0728

CVE-2006-0728 affects webSPELL (search.php) 4.01.00 and earlier. The vulnerability is an SQL injection via the title_op parameter, allowing remote attackers to inject arbitrary SQL commands. Impact is listed as partial confidentiality, integrity, and availability with a high base score. No remedi...

7.5CVSS7.9AI score0.01174EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.40 views

[SA18885] webSPELL &quot;search.php&quot; SQL Injection Vulnerability

TITLE: webSPELL "search.php" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18885 VERIFY ADVISORY: http://secunia.com/advisories/18885/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: webSPELL 4.x http://secunia.com/product/8086/ DESCRIPTION: x128 has...

0.6AI score
Exploits0
0day.today
0day.today
added 2006/02/14 12:0 a.m.68 views

webSPELL <= 4.01 (title_op) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================== webSPELL = 4.01 titleop Remote SQL Injection Exploit ======================================================== ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl' if...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/02/14 12:0 a.m.18 views

webSPELL &lt;= 4.01 (title_op) Remote SQL Injection Exploit

No description provided by source. ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl' if !dl'curl.so' and !dl'phpcurl.so' and !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function xssheader echo...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/14 12:0 a.m.34 views

webSPELL 4.01 - &#039;title_op&#039; SQL Injection

x128.net oo website : www.x128.net"; function xssexploit $xsstarget = $SERVER'argv'1 . "/index.php"; $xsshttpge...

7AI score
Exploits0
Rows per page
Query Builder