FengCms 1.19 /admin.php 登录绕过漏洞

No description provided by source...

Invision Power Board 1.0/1.1/1.2 Admin.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8381/info Invision Power Board admin.php script reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization performed by functions in an Invision Power Board...

PHPNuke 6.x Category Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9630/info It has been reported that PHPNuke may prone to a SQL injection vulnerability, due to insufficient sanitization user-supplied input. The problem is reported to exist in the $category variable contained within the...

OFFL <= 0.2.6 (teams.php fflteam) Remote SQL Injection Vulnerability

No description provided by source. -+================================================================================+- -+ OFFL = 0.2.6 Remote SQL Injection Vulnerability +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On:...

eTicket 1.5.5.2 admin.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site...

Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability

No description provided by source. +------------------------------------------------------------------------------------------- + Easynews = 4.4.1 admin.php Authentication Bypass Vulnerability +------------------------------------------------------------------------------------------- + Affected...

flashlight free edition (lfi/sql) Multiple Vulnerabilities

No description provided by source. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - LFI/SQL Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: All hell can't stop us now! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX...

GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ GNU/Gallery = 1.1.1.0 admin.php Local File Inclusion Vulnerability +==-- --==+================================================================================+==--...

Vikingboard 0.1.2 admin.php act Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/21196/info Vikingboard is prone to multiple HTML-injection vulnerabilities and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an...

NPDS 4.8 /5.0 admin.php language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

mcGallery 1.1 - admin.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

RoseOnlineCMS <= 3 B1 Remote Login Bypass Exploit

No description provided by source. '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS = 3 B1 Remote Login Bypass Exploit | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r cr4wl3r!linuxmail.org ! Download...

OpenDocMan 1.2.5 admin.php last_message Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Bloq 0.5.4 admin.php page[path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20512/info Bloq is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and the...

ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...

Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection Vulnerabilities

No description provided by source. =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

MKPortal 1.0/1.1 Admin.PHP Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25515/info MKPortal is prone to an authentication-bypass vulnerability because it fails to restrict access to certain administrative functions. Attackers can exploit this issue to gain unauthorized access to the...

e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...

Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...

Xoops 2.0.18 modules/system/admin.php fct Parameter Traversal Local File Inclusion

No description provided by source...