Lucene search
+L

147 matches found

Prion
Prion
added 2009/08/17 4:30 p.m.16 views

Sql injection

SQL injection vulnerability in forum.php in Arab Portal 2.x, when magicquotesgpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action, a different vector than CVE-2006-1666...

6CVSS8.2AI score0.01214EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2009/08/17 4:0 p.m.42 views

CVE-2009-2781

CVE-2009-2781 describes an SQL injection in Arab Portal 2.x/forum.php where remote authenticated users can inject via the qc parameter in an addcomment action (when magic_quotes_gpc is disabled). This is a distinct vector from CVE-2006-1666. Affected: Arab Portal 2.x/2.0.1 stable forum.php compon...

6CVSS8.1AI score0.00732EPSS
Exploits1References2Affected Software1
Packet Storm
Packet Storm
added 2009/08/05 12:0 a.m.40 views

Arab Portal 2.x SQL Injection

getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc = intval$apt-getqc; /code - Note : Path to...

0.5AI score
Exploits0
0day.today
0day.today
added 2009/08/01 12:0 a.m.442 views

Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ Arab Portal v2.x forum.php qc Remote SQL Injection Exploit ============================================================ getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/08/01 12:0 a.m.40 views

Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit

No description provided by source. ? / Arab Portal v2.x forum.php qc SQL Injection Exploit - Author : rEcruit - Mail : [email protected] - Download : http://arab-portal.net/download.php - Vuln in ./forum.php Line: 1503 code ifisset$apt-getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/08/01 12:0 a.m.24 views

Arab Portal 2.x - forum.php SQL Injection

Arab Portal 2.x - forum.php SQL Injection getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc =...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/01 12:0 a.m.53 views

Arab Portal 2.x - 'forum.php' SQL Injection

getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc = intval$apt-getqc; /code - Note : Path to...

7.4AI score
Exploits0
NVD
NVD
added 2009/06/05 9:30 p.m.16 views

CVE-2009-1948

Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard UNB 1.6.4, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to 1 read arbitrary recently-modified files via a .. dot dot in the GLOBALSfilename parameter or 2 include and...

5.1CVSS7.2AI score0.02023EPSS
Exploits1References5
Prion
Prion
added 2009/06/05 9:30 p.m.21 views

Sql injection

SQL injection vulnerability in the UnbDbEncode function in unblib/database.lib.php in Unclassified NewsBoard UNB 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...

7.5CVSS9AI score0.01294EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2009/06/05 9:30 p.m.16 views

CVE-2009-1947

SQL injection vulnerability in the UnbDbEncode function in unblib/database.lib.php in Unclassified NewsBoard UNB 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...

7.5CVSS8.2AI score0.00993EPSS
Exploits1References4
CVE
CVE
added 2009/06/05 9:0 p.m.66 views

CVE-2009-1948

CVE-2009-1948 : Multiple directory traversal vulnerabilities in Unclassified NewsBoard (UNB) 1.6.4, triggered when register_globals is enabled and magic_quotes_gpc is disabled. An attacker can cause a local file read by inserting a .. path in the GLOBALS[filename] parameter, or include and execut...

5.1CVSS7.4AI score0.02023EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2009/06/03 12:0 a.m.23 views

Escon SupportPortal Pro 3.0 SQL Injection

Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source Vulnz forum.php: 60 - if$REQUEST"a"=="rss" 61 -...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2009/06/01 12:0 a.m.24 views

Escon SupportPortal Pro 3.0 - tid Blind SQL Injection

Escon SupportPortal Pro 3.0 - tid Blind SQL Injection Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/01 12:0 a.m.43 views

Escon SupportPortal Pro 3.0 - 'tid' Blind SQL Injection

Autor : OzX Sitio : Foro.Undersecurity.net Cms : Escon SupportPortal Pro Version : 3.0 Sitio: http://www.e-supportportal.com Tipo Vulnz : Blind Sql Injection Archivo : forum.php Parametro Vulnerable 1 : cat Parametro Vulnerable 2 : tid Source Vulnz forum.php: 60 - if$REQUEST"a"=="rss" 61 -...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/06/01 12:0 a.m.31 views

Escon SupportPortal Pro 3.0 (tid) Blind SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Escon SupportPortal Pro 3.0 tid Blind SQL Injection Vulnerability =================================================================== Autor : OzX Sitio :...

6.6AI score
Exploits0
NVD
NVD
added 2009/02/27 5:30 p.m.8 views

CVE-2008-6345

SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...

7.5CVSS8.4AI score0.00973EPSS
Exploits1References3
Prion
Prion
added 2009/02/27 5:30 p.m.12 views

Sql injection

SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...

7.5CVSS9.1AI score0.00973EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/02/27 5:0 p.m.18 views

CVE-2008-6345

SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information...

8.4AI score0.00973EPSS
Exploits1References3
CVE
CVE
added 2009/02/27 5:0 p.m.46 views

CVE-2008-6345

CVE-2008-6345 describes an SQL injection in SolarCMS's Forum.php (SolarCMS 0.53.8 and 1.0). The vulnerability allows remote attackers to inject SQL commands via the cat parameter to indes.php, potentially compromising database contents and integrity. The description and connected records confirm ...

7.5CVSS8.7AI score0.00973EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2008/10/27 8:0 p.m.15 views

Sql injection

SQL injection vulnerability in forum.php in Scripts for Sites SFS Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...

5.8CVSS9.1AI score0.03129EPSS
Exploits1References6
Rows per page
Query Builder