29 matches found
EUVD-2007-5084
Malware in sbrugna...
CVE-2014-2224
Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not assign new values for certain codes, which makes it easier for remote attackers to bypass the CAPTCHA protection mechanism via a series of form submissions...
CVE-2014-2224
Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not assign new values for certain codes, which makes it easier for remote attackers to bypass the CAPTCHA protection mechanism via a series of form submissions...
Unrestricted file upload
Unrestricted file upload vulnerability in plog-admin/plog-upload.php in Plogger 1.0 RC1 and earlier allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file and a non-zero length PNG file, then accessing the PHP file via a direct request to it i...
Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload !/usr/bin/env python Exploit Title: Plogger Authenticated Arbitrary File Upload Date: Feb 2014 Exploit Author: b0z Vendor Homepage: www.plogger.org Software Link: www.plogger.org/download Version: Plogger prior to 1.0-RC1 CVE : 2014-2223 impor...
PloggerGallery 1.0 RC1 CSRF / XSS / SQL Injection Vulnerabilities
PloggerGallery version 1.0 RC1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. ------------------------------------------------------------------------- Software : PloggerGallery Version 1.0 RC1 Author : Saadat Ullah Date : 2/3/13 Dork : Us...
PloggerGallery 1.0 RC1 CSRF / XSS / SQL Injection
------------------------------------------------------------------------- Software : PloggerGallery Version 1.0 RC1 Author : Saadat Ullah Date : 2/3/13 Dork : Use Ur Mind Software Link : http://www.plogger.org/download/ ------------------------------------------------------------------------- +--...
Plogger 1.0 RC1 Cross Site Scripting
HTTPCS Advisory : HTTPCS83 Product : Plogger Version : 1.0 RC1 Date : 2012-08-28 Criticality level : Less Critical Description : A vulnerability has been discovered in Plogger, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'sortby'...
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities
Title: ====== Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Date: ===== 2012-04-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=506 VL-ID: ===== 506 Introduction: ============= The Netjuke is a Web-Based Audio Streaming Jukebox powered by PHP 4, a database and all...
phpBLASTER 1.0 RC1 - Blind SQL Injection
--+++============================================================+++-- --+++====== phpBLASTER 1.0 RC1 Blind SQL Injection Exploit ======+++-- --+++============================================================+++-- 4 return true; else return false; function run $hostname, $path, $username $key =...
phpBLASTER CMS 1.0 RC1 Multiple Local File Inclusion Vulnerabilities
No description provided by source. ┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rise...
phpblaster-lfi.txt
┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...
Mambo Component mambads 1.0 RC1 Beta - SQL Injection
Mambo Component mambads 1.0 RC1 Beta - SQL Injection !/usr/bin/perl -w Mambo Component mambads 1.0 RC1 Beta & 1.0 RC1 Remote SQL Injection Found by : Houssamix From H-T Team H-T Team HouSSaMix + ToXiC350 from MoroCCo Greetz : Stack & CoNaN & HaCkeREgY & room-hacker & Hak3r-b0y & All friends & All...
Mambo Component mambads 1.0 RC1 Beta - SQL Injection
!/usr/bin/perl -w Mambo Component mambads 1.0 RC1 Beta & 1.0 RC1 Remote SQL Injection Found by : Houssamix From H-T Team H-T Team HouSSaMix + ToXiC350 from MoroCCo Greetz : Stack & CoNaN & HaCkeREgY & room-hacker & Hak3r-b0y & All friends & All muslims HaCkeRs : ScriptName: "Mambo" ComponentName:...
SA-2008-023 - Ubercart - Cross site scripting
During checkout in Ubercart enabled stores, customers have text fields in which to enter their address and order information. Some stores will have modules enabled that restrict what sort of values are accepted in these fields, but this is not the case for everyone. This provides an opportunity f...
Remote file inclusion
PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...
CVE-2007-5102
PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...
CVE-2007-5103
Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the path parameter...
CVE-2007-5103
Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the path parameter...
CVE-2007-5102
PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...