EUVD-2008-1377

Malware in sbrugna...

EUVD-2009-1039

Malware in sbrugna...

HazirSite SQL Injection Vulnerability

HazirSite girisyap.asp suffers from a SQL injection vulnerability. Allows remote attackers to bypass authentication via the 1 ka class or 2 sifre parameter...

YAP Messaging - Customized SSL, Dangerous filesystem permissions, LGPL license vulnerabilities

HackApp vulnerability scanner discovered that application YAP Messaging published at the 'play' market has multiple vulnerabilities...

Yap Blog 1.1 - 'index.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...

YAP Multiple SQL Injection Vulnerabilities

YAP is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...

Sql injection

Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...

CVE-2009-1038

Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...

CVE-2009-1038

CVE-2009-1038 concerns YAP Blog 1.1.1, which is reported to have multiple SQL injection vulnerabilities. The affected components are the (1) image_id parameter in comments.php and the (2) user parameter in a modif action to admin/index.php, potentially allowing an attacker to alter or read data v...

CVE-2009-1038

Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...

Yap Blog 'index.php' Remote File Include Vulnerability

Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...

YAP 1.1.1 Blind SQL Injection

YAP 1.1.1 Blind SQL Injection/SQL Injection + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Blind SQL Injection The default prefix for database tables is "yap" .But can be changed at installation. PoC : http://127.0.0.1/path/comments.php?imageid=1 and asciisubstringSELECT...

Yap Blog < 1.1.1 RFI Vulnerability - Active Check

Yap Blog is prone to a remote file inclusion RFI vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

YAP 1.1.1 - Blind SQL Injection / SQL Injection

YAP 1.1.1 Blind SQL Injection/SQL Injection + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Blind SQL Injection The default prefix for database tables is "yap" .But can be changed at installation. PoC : http://127.0.0.1/path/comments.php?imageid=1 and asciisubstringSELECT...

YAP 1.1.1 - Blind SQL Injection SQL Injection

YAP 1.1.1 - Blind SQL Injection SQL Injection + YAP 1.1.1 Blind SQL Injection/SQL Injection + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Blind SQL Injection The default prefix for database tables is "yap" .But can be changed at installation. PoC :...

YAP 1.1.1 (index.php page) Local File Inclusion Vulnerability

No description provided by source. YAP v1.1.1 Local File Inclusion Vulnerability AUTHOR : Alkindiii CONTACT : Alkindiii 4T islamway D0T net HOME : http://www.soqor.net Script : YAP Version : 1.1.1 Download v1.1 : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Update to v1.1.1 :...

YAP 1.1.1 (index.php page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================= YAP 1.1.1 index.php page Local File Inclusion Vulnerability ============================================================= YAP v1.1.1 Local File Inclusion Vulnerability AUTHOR :...

YAP 1.1.1 - &#039;index.php&#039; Local File Inclusion

YAP v1.1.1 Local File Inclusion Vulnerability AUTHOR : Alkindiii CONTACT : Alkindiii 4T islamway D0T net HOME : http://www.soqor.net Script : YAP Version : 1.1.1 Download v1.1 : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Update to v1.1.1 :...

YAP 1.1.1 - index.php Local File Inclusion

YAP 1.1.1 - index.php Local File Inclusion YAP v1.1.1 Local File Inclusion Vulnerability AUTHOR : Alkindiii CONTACT : Alkindiii 4T islamway D0T net HOME : http://www.soqor.net Script : YAP Version : 1.1.1 Download v1.1 : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Update to v1.1.1 :...

YAP 1.1 Remote / Local File Inclusion

YAP v1.1 Remote/Local File Inclusion Vulnerabilities AUTHOR : Alkindiii CONTACT : Alkindiii 4T islamway D0T net HOME : http://www.soqor.net Script : YAP Version : 1.1 Download : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz RFI EXPLOIT : http://www.site.com/index.php?page=RFI LFI EXPLOIT :...