6 matches found
EUVD-2006-5891
Malware in sbrugna...
CVE-2006-5908
Multiple SQL injection vulnerabilities in the loginuser function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System YANS 0.2b allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...
CVE-2006-5908
Multiple SQL injection vulnerabilities in the loginuser function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System YANS 0.2b allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...
CVE-2006-5908
The CVE-2006-5908 entry describes multiple SQL injection vulnerabilities in the Yet Another News System (YANS) 0.2b, specifically in the login_user function within yans.func.php. The issue allows remote attackers to execute arbitrary SQL commands through the (1) username or (2) password parameter...
yans-SQL.txt
Product: YANS yet another news system Link: http://sourceforge.net/projects/yans/ vuln code: $resultado = mysqlquery"SELECT FROM users WHERE username='$username' AND password='$password'" or die mysqlerror; simple sql injection ' or '1=1 ' or '1=1 -navairum...
Y.A.N.S sql injection
Product: YANS yet another news system Link: http://sourceforge.net/projects/yans/ vuln code: $resultado = mysqlquery"SELECT FROM users WHERE username='$username' AND password='$password'" or die mysqlerror; simple sql injection ' or '1=1 ' or '1=1 -navairum...