Lucene search
K

82 matches found

NVD
NVD
added 2013/07/29 11:27 p.m.10 views

CVE-2013-4952

SQL injection vulnerability in functions/global.php in Elemata CMS RC 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.01071EPSS
Exploits1References1
Prion
Prion
added 2012/08/30 10:55 p.m.15 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter...

6.8CVSS7.6AI score0.01047EPSS
Exploits0References6Affected Software1
exploitpack
exploitpack
added 2010/08/23 12:0 a.m.42 views

4Images 1.7.8 - Remote File Inclusion

4Images 1.7.8 - Remote File Inclusion Exploit Title: 4images1.7.8 Remote File Include Date: 23-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software Link: http://www.4homepages.de/4images/download.php Version: v 1.7.8 Tested on: Windows XP CVE : Contact: LoSt.HaCkEratyahoodotcom /0r/ ...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/23 12:0 a.m.41 views

4Images 1.7.8 - Remote File Inclusion

Exploit Title: 4images1.7.8 Remote File Include Date: 23-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software Link: http://www.4homepages.de/4images/download.php Version: v 1.7.8 Tested on: Windows XP CVE : Contact: LoSt.HaCkEratyahoodotcom /0r/ [email protected]...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/07/28 12:0 a.m.10 views

EggBlogg 4.1 <= LFI Vulnerability

Exploit for php platform in category web applications ================================= EggBlogg 4.1 = LFI Vulnerability ================================= Exploit Title: EggBlogg 4.1 = LFI Date: 28 luglio 2010 Author: Anti Sec Software Link: http://eggblog.net/ Version: 4.1 Google dork : Eggblogg...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/06/12 12:0 a.m.16 views

CMS control panel v2.0 Edit File Vulnerability

Exploit for php platform in category web applications ============================================== CMS control panel v2.0 Edit File Vulnerability ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...

7.1AI score
Exploits0
Prion
Prion
added 2009/06/19 6:0 p.m.18 views

Directory traversal

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

6.8CVSS7.7AI score0.02104EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.21 views

CVE-2009-2132

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

7.2AI score0.02104EPSS
Exploits1References3
CVE
CVE
added 2009/06/19 5:32 p.m.58 views

CVE-2009-2132

CVE-2009-2132 describes a directory traversal vulnerability in the PHP script global.php of 4images prior to 1.7.7. When magic_quotes_gpc is disabled, an attacker can use directory traversal sequences in the l parameter to include and execute arbitrary local files. Documents do not provide exploi...

6.8CVSS7.4AI score0.02104EPSS
Exploits1References3Affected Software1
myhack58
myhack58
added 2009/06/01 12:0 a.m.256 views

DreamArticle 3.0 background the validation logic vulnerability and injection vulnerabilities, resulting in a direct login to backend-bug warning-the black bar safety net

Team: bbs.wolvez.org By q1ur3n 在 admin/global.php there is such a piece of code, used to implement the”remember password”in the login back-office functions. $administrator = getcookie"administrator"; $adminpassword = getcookie"adminpassword"; if $administrator && $adminpassword...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2009/02/15 12:0 a.m.27 views

4Images 1.7.6 Local Inclusion Vulnerability

Bug file : global.php if isset$HTTPGETVARS'l' || isset$HTTPPOSTVARS'l' $requestedl = isset$HTTPGETVARS'l' ? trim$HTTPGETVARS'l' : trim$HTTPPOSTVARS'l'; if $requestedl != $config'languagedir' && fileexistsROOTPATH.'lang/'.$requestedl.'/main.php' $l = $requestedl; $config'languagedir' = $l;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/12/04 12:0 a.m.17 views

Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion Vulnerability

No description provided by source. ========================================================================== o Multi SEO phpBB 1.1.0 Remote File Inclusion Vulnerability Software : Multi SEO phpBB version 1.1.0 Vendor : http://www.phpbb-seo.de/ Download :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/12/03 12:0 a.m.11 views

Multi SEO phpBB 1.1.0 - Remote File Inclusion

Multi SEO phpBB 1.1.0 - Remote File Inclusion ========================================================================== o Multi SEO phpBB 1.1.0 Remote File Inclusion Vulnerability Software : Multi SEO phpBB version 1.1.0 Vendor : http://www.phpbb-seo.de/ Download :...

0.1AI score
Exploits0
0day.today
0day.today
added 2008/12/03 12:0 a.m.20 views

Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ Multi SEO phpBB 1.1.0 pfad Remote File Inclusion Vulnerability ================================================================...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/03 12:0 a.m.37 views

Multi SEO phpBB 1.1.0 - Remote File Inclusion

========================================================================== o Multi SEO phpBB 1.1.0 Remote File Inclusion Vulnerability Software : Multi SEO phpBB version 1.1.0 Vendor : http://www.phpbb-seo.de/ Download : http://www.phpbb-seo.de/downloads/multi.html Author : NoGe Contact :...

7AI score
Exploits0
myhack58
myhack58
added 2008/09/29 12:0 a.m.19 views

iShowMusic V1. 2 direct write shell vulnerability-vulnerability warning-the black bar safety net

By qiur3n http://www.wolvez.org/ 2008-06-17 iShow Music is a basic set in the PHP+TXT online music player. The program uses text data stored in a way, without MYSQL database support, and the program code and interface templates separated, and easy to your music website interface to modify. Offici...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/18 12:0 a.m.32 views

PHP Live Helper 2.0.1 - Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach $result as $key = $val $info$key = stripslashes$val;...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/05/19 12:0 a.m.67 views

MercuryBoard <= 1.1.5 (login.php) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== MercuryBoard settitle$this-lang-loginheader; 55. $this-tree$this-lang-loginheader; 56. 57. //print "agent: $this-agent\n"; 58. 59. if !isset$this-post'submit' 60...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/05/19 12:0 a.m.27 views

MercuryBoard 1.1.5 - login.php Blind SQL Injection

MercuryBoard 1.1.5 - login.php Blind SQL Injection settitle$this-lang-loginheader; 55. $this-tree$this-lang-loginheader; 56. 57. //print "agent: $this-agent\n"; 58. 59. if !isset$this-post'submit' 60. $requesturi = $this-geturi; 61. 62. if substr$requesturi, -8 == 'register' 63. $requesturi =...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2008/03/28 12:0 a.m.10 views

sablog 1.6 多个跨站漏洞

sablog是国内安全研究人员写的一款blog程序。由于过滤不严,存在多个跨站漏洞 www.sablog.net sablog 1.6 在global.php中过滤curl,cid,setday等 $modelink = ''; if $action $modelink .= '&action='.$action; if $curl $modelink .= '&curl='.htmlspecialchars$curl; if $cid $modelink .= '&cid='.htmlspecialchars$cid; if $setdate $modelink .=...

7.1AI score
Exploits0
Rows per page
Query Builder