EUVD-2007-1968

Malware in sbrugna...

XOOPS Module WF Section SQL Injection (CVE-2005-0725)

An SQL injection vulnerability has been reported in Wf-sections. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2007-1974

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

Sql injection

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

CVE-2007-1974

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

CVE-2007-1974

The CVE-2007-1974 entry describes an SQL injection in WF-Section (XOOPS WF-Section) 1.0.1, via the articleid parameter to print.php, affecting the getArticle function in class/wfsarticle.php. Affected component is the WF-Section XOOPS module; the vulnerability arises from inadequate input sanitiz...

CVE-2007-1974

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

XOOPS WF-Section Module print.php articleid Parameter SQL Injection

The remote host is running the WF-Section module, a third-party module for XOOPS. The version of this module installed on the remote host fails to properly sanitize user-supplied input to the 'articleid' parameter of the 'modules/wfsection/print.php' script before using it to build a database...

XOOPS Module WF-Section <= 1.01 (articleid) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= XOOPS Module WF-Section : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n";...

XOOPS Module WF-Section 1.01 - &#039;articleId&#039; SQL Injection

!/usr/bin/perl Script Name: XOOPS Module WF-Section : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

XOOPS Module WF-Section 1.01 - articleId SQL Injection

XOOPS Module WF-Section 1.01 - articleId SQL Injection !/usr/bin/perl Script Name: XOOPS Module WF-Section : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop...