Invision Power Board 1.0/1.1/1.2 Admin.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8381/info Invision Power Board admin.php script reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization performed by functions in an Invision Power Board...

OFFL <= 0.2.6 (teams.php fflteam) Remote SQL Injection Vulnerability

No description provided by source. -+================================================================================+- -+ OFFL = 0.2.6 Remote SQL Injection Vulnerability +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On:...

eTicket 1.5.5.2 admin.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site...

Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability

No description provided by source. +------------------------------------------------------------------------------------------- + Easynews = 4.4.1 admin.php Authentication Bypass Vulnerability +------------------------------------------------------------------------------------------- + Affected...

flashlight free edition (lfi/sql) Multiple Vulnerabilities

No description provided by source. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - LFI/SQL Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: All hell can't stop us now! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX...

GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ GNU/Gallery = 1.1.1.0 admin.php Local File Inclusion Vulnerability +==-- --==+================================================================================+==--...

Vikingboard 0.1.2 admin.php act Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/21196/info Vikingboard is prone to multiple HTML-injection vulnerabilities and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an...

mcGallery 1.1 - admin.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

RoseOnlineCMS <= 3 B1 Remote Login Bypass Exploit

No description provided by source. '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS = 3 B1 Remote Login Bypass Exploit | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r cr4wl3r!linuxmail.org ! Download...

NPDS 4.8 /5.0 admin.php language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

OpenDocMan 1.2.5 admin.php last_message Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Bloq 0.5.4 admin.php page[path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20512/info Bloq is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and the...

ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...

Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection Vulnerabilities

No description provided by source. =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

MKPortal 1.0/1.1 Admin.PHP Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25515/info MKPortal is prone to an authentication-bypass vulnerability because it fails to restrict access to certain administrative functions. Attackers can exploit this issue to gain unauthorized access to the...

Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...

e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...

Phorum 5.1.20 admin.php badwords/banlist Module SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...

Xoops 2.0.18 modules/system/admin.php fct Parameter Traversal Local File Inclusion

No description provided by source...

Phorum 5.1.20 admin.php Groups Module group_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...