17 matches found
EUVD-2012-5227
Malware in sbrugna...
EUVD-2012-1582
Malware in sbrugna...
CVE-2012-5304
Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/dbconnect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the...
YVS Image Gallery SQL Injection
No description provided by source. -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform: Windows\Linux\Unix -=+ Bug type: Sql INJECTIONS -=+ Exploitation: Remote -=- -=+ Author: Corrado Liotta Aka CorryL corryl80atgmaildotcom -=+...
CVE-2012-5304
Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/dbconnect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the...
CVE-2012-5304
Summary: CVE-2012-5304 refers to a static code injection vulnerability in the YVS Image Gallery, specifically in administration/install.php, allowing remote attackers to inject arbitrary PHP code into functions/db_connect.php via unspecified vectors. The vulnerability is noted to occur when admin...
CVE-2012-5304
Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/dbconnect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the...
CVE-2012-1564
Cross-site scripting XSS vulnerability in administration/createalbum.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in administration/createalbum.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1564
The CVE-2012-1564 entry concerns a Cross-site scripting (XSS) vulnerability in the YVS Image Gallery, specifically in administration/create_album.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The available connected documents confir...
CVE-2012-1564
Cross-site scripting XSS vulnerability in administration/createalbum.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
YVS Image Gallery Sql injection
-=--------------------ADVISORY-------------------=- YVS Image Gallery Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform:...
Case YVS Image Gallery
http://osvdb.org/show/osvdb/79477 The software "YVS Image Gallery" seems to be full of security issues. For example one can have lots of fun with this. Copy from installation.php: """ caseisset$POST'dbname': $host = $POST'host'; $dbname = $POST'dbname'; $dbusername = $POST'dbusername'; $dbpasswor...
YVS Image Gallery Sql Injection
Exploit for php platform in category web applications -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform: Windows\Linux\Unix -=+ Bug type: Sql INJECTIONS -=+ Exploitation: Remote -=- -=+ Author: Corrado Liotta Aka CorryL...
YVS Image Gallery - SQL Injection
YVS Image Gallery - SQL Injection -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform: Windows\Linux\Unix -=+ Bug type: Sql INJECTIONS -=+ Exploitation: Remote -=- -=+ Author: Corrado Liotta Aka CorryL corryl80atgmaildotcom -=+...
YVS Image Gallery - SQL Injection
-=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform: Windows\Linux\Unix -=+ Bug type: Sql INJECTIONS -=+ Exploitation: Remote -=- -=+ Author: Corrado Liotta Aka CorryL corryl80atgmaildotcom -=+ Facebook:...
YVS Image Gallery SQL Injection
-=--------------------ADVISORY-------------------=- YVS Image Gallery Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform:...