15 matches found
EUVD-2009-0463
Malware in sbrugna...
EUVD-2009-0465
Malware in sbrugna...
EUVD-2009-0462
Malware in sbrugna...
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/loginsubmit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter aka Username field or 2 the pwd parameter aka Password field. NOTE: some of these details are obtained from third party...
CVE-2009-0460
Whole Hog Ware Support 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...
CVE-2009-0461
Whole Hog Password Protect: Enhanced 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...
Sql injection
Multiple SQL injection vulnerabilities in admin/loginsubmit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter aka Username field or 2 the pwd parameter aka Password field. NOTE: some of these details are obtained from third party...
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/loginsubmit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter aka Username field or 2 the pwd parameter aka Password field. NOTE: some of these details are obtained from third party...
CVE-2009-0461
Whole Hog Password Protect: Enhanced 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...
CVE-2009-0460
Whole Hog Ware Support 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/loginsubmit.php in Whole Hog Password Protect: Enhanced 1.x allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter aka Username field or 2 the pwd parameter aka Password field. NOTE: some of these details are obtained from...
CVE-2009-0461
The vulnerability CVE-2009-0461 affects Whole Hog Password Protect: Enhanced 1.x. An integer value in the adminid cookie can bypass authentication, enabling remote attackers to obtain administrative access. This is the root cause and impact described across sources; no remediation or patched vers...
CVE-2009-0460
CVE-2009-0460 affects Whole Hog Ware Support 1.x. The vulnerability allows remote attackers to bypass authentication and obtain administrative access by manipulating an integer value in the adminid cookie. The root cause is improper validation of the adminid cookie, enabling privilege escalation ...
CVE-2009-0458
CVE-2009-0458 affects Whole Hog Ware Support 1.x. The admin/login_submit.php script exposes SQL injection via the uid (Username) and pwd (Password) fields, enabling remote attackers to execute arbitrary SQL commands. The NVD entry lists a high impact with a CVSS v2 base score of 7.5 (Network atta...
CVE-2009-0459
CVE-2009-0459 describes multiple SQL injection vulnerabilities in admin/login_submit.php of Whole Hog Password Protect: Enhanced 1.x . The flaws allow remote attackers to execute arbitrary SQL commands via the uid (Username) or pwd (Password) parameters. This is supported by the NVD entry and rel...