10 matches found
EUVD-2006-3952
Malware in sbrugna...
SELinux W+X Protection Bypass via AIO
Exploit for linux platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=854 SELinux has a set of permissions that can be used to prevent processes from creating executable memory mappings that contain data controlled by the process PROCESSEXECMEM,...
X-Scripts X-Protection 1.10 Protect.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19235/info X-Protection is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
X-Scripts X-Protection Protect.PHP SQL注入漏洞
X-Protection是一款基于PHP的投票程序。 X-Protection不正确处理用户提交的WEB数据,远程攻击者可以利用漏洞进行SQL注入获得敏感信息。 问题存在于'protect.PHP'脚本中,由于对用户提交的'password'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 X-Scripts X-Protection 1.10 http://members.lycos.co.uk/xscripts03/ POST: username='/&password=/%20AND%201=0%20UNION%20SELECT%20999/...
[Full-disclosure] X-Protection 1.10 SQL Injection Vulnerability
Discovered by Sirdarckcat from elhacker.net X-Protection 1.10 http://members.lycos.co.uk/xscripts03/ ============================================== X-Protection is a simple script made for protectiong files with a simple file inclusion. There is a SQL injection vulnerability...
CVE-2006-3959
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameter...
CVE-2006-3959
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameter...
CVE-2006-3959
CVE-2006-3959 affects X-Scripts X-Protection 1.10, where protect.php is vulnerable to SQL injection when magic_quotes_gpc is disabled. An attacker can supply crafted values for the (1) username and (2) password parameters to trigger arbitrary SQL execution remotely via HTTP to protect.php. The ro...
X-Scripts X-Protection 1.10 - 'Protect.php' SQL Injection
source: https://www.securityfocus.com/bid/19235/info X-Protection is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data...
X-Scripts X-Protection 1.10 - Protect.php SQL Injection
X-Scripts X-Protection 1.10 - Protect.php SQL Injection source: https://www.securityfocus.com/bid/19235/info X-Protection is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...