147 matches found
Sql injection
SQL injection vulnerability in forum.php in Arab Portal 2.x, when magicquotesgpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action, a different vector than CVE-2006-1666...
CVE-2009-2781
CVE-2009-2781 describes an SQL injection in Arab Portal 2.x/forum.php where remote authenticated users can inject via the qc parameter in an addcomment action (when magic_quotes_gpc is disabled). This is a distinct vector from CVE-2006-1666. Affected: Arab Portal 2.x/2.0.1 stable forum.php compon...
Arab Portal 2.x SQL Injection
getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc = intval$apt-getqc; /code - Note : Path to...
Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================ Arab Portal v2.x forum.php qc Remote SQL Injection Exploit ============================================================ getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...
Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit
No description provided by source. ? / Arab Portal v2.x forum.php qc SQL Injection Exploit - Author : rEcruit - Mail : [email protected] - Download : http://arab-portal.net/download.php - Vuln in ./forum.php Line: 1503 code ifisset$apt-getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...
Arab Portal 2.x - forum.php SQL Injection
Arab Portal 2.x - forum.php SQL Injection getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc =...
Arab Portal 2.x - 'forum.php' SQL Injection
getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc = intval$apt-getqc; /code - Note : Path to...
CVE-2009-1948
Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard UNB 1.6.4, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to 1 read arbitrary recently-modified files via a .. dot dot in the GLOBALSfilename parameter or 2 include and...
Sql injection
SQL injection vulnerability in the UnbDbEncode function in unblib/database.lib.php in Unclassified NewsBoard UNB 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
CVE-2009-1947
SQL injection vulnerability in the UnbDbEncode function in unblib/database.lib.php in Unclassified NewsBoard UNB 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
CVE-2009-1948
CVE-2009-1948 : Multiple directory traversal vulnerabilities in Unclassified NewsBoard (UNB) 1.6.4, triggered when register_globals is enabled and magic_quotes_gpc is disabled. An attacker can cause a local file read by inserting a .. path in the GLOBALS[filename] parameter, or include and execut...
Escon SupportPortal Pro 3.0 SQL Injection
Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source Vulnz forum.php: 60 - if$REQUEST"a"=="rss" 61 -...
Escon SupportPortal Pro 3.0 - tid Blind SQL Injection
Escon SupportPortal Pro 3.0 - tid Blind SQL Injection Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source...
Escon SupportPortal Pro 3.0 - 'tid' Blind SQL Injection
Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source Vulnz forum.php: 60 - if$REQUEST"a"=="rss" 61 -...
Escon SupportPortal Pro 3.0 (tid) Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================================== Escon SupportPortal Pro 3.0 tid Blind SQL Injection Vulnerability =================================================================== Autor : OzX Sitio :...
CVE-2008-6345
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...
CVE-2008-6345
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...
CVE-2008-6345
CVE-2008-6345 describes an SQL injection in SolarCMS's Forum.php (SolarCMS 0.53.8 and 1.0). The vulnerability allows remote attackers to inject SQL commands via the cat parameter to indes.php, potentially compromising database contents and integrity. The description and connected records confirm ...
Sql injection
SQL injection vulnerability in forum.php in Scripts for Sites SFS Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...