128 matches found
Booking Centre 2.01 (HotelID) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Booking Centre 2.01 HotelID Remote SQL Injection Vulnerability ================================================================...
CVE-2004-2735
CVE-2004-2735 describes a Cross-site scripting (XSS) vulnerability affecting P4DB 2.01 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML by supplying crafted input through a long list of parameters across multiple CGI scripts (e.g., SetPreferences.cgi, branchVi...
CVE-2007-4551
CVE-2007-4551 is a PHP remote file inclusion vulnerability affecting Agares Media Arcadem 2.01. The issue occurs in index.php where the loadpage parameter can be used to include arbitrary PHP code, enabling remote code execution. The provided documents do not specify a fixed vulnerable version be...
CVE-2007-4552
CVE-2007-4552 affects Agares Media Arcadem 2.01. The vulnerability is an SQL injection in index.php exploitable via the blockpage parameter, enabling remote execution of arbitrary SQL. CVSS v2.0: 7.5 (HIGH), vector AV:N/AC:L/Au:N/C:P/I:P/A:P; network attack, no authentication, low complexity, par...
CVE-2007-4552
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not...
Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties
No description provided by source. Arcadem Remote File Inclusion Flaw / SQL Injection Software: Arcadem 2.01 Vendor link: http://agaresmedia.com Attack: Remote File Inclusion / SQL Injection Original advisory: http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html Discovered by:...
Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties
Exploit for unknown platform in category web applications ====================================================== Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties ====================================================== Arcadem Remote File Inclusion Flaw / SQL Injection Software: Arcadem 2.01...
Arcadem 2.01 - SQL Injection / Remote File Inclusion
Arcadem Remote File Inclusion Flaw / SQL Injection Software: Arcadem 2.01 Vendor link: http://agaresmedia.com Attack: Remote File Inclusion / SQL Injection Original advisory: http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html Discovered by: David Sopas Ferreira a.k.a SmOk3...
Arcadem 2.01 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/25432/info Arcadem is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...
CVE-2007-1733
Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remote attackers to execute arbitrary code via a long 1 /cgi-bin/ or 2 /cgi/ pathname in an HTTP GET request, probably a different issue than CVE-2006-5112...
GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities
Flip-2.01-final 1.0 = Remote File Include Vulnerability Discovered by GolDMMahmnoodali & & Contact: [email protected] URL: http://releases.smallaxesolutions.com/flip-2.01.zip V.CODE: In : path/previewtheme.php include$incpath . "options.php"; include$incpath . "head.php"; Exploit:...
Remote file inclusion
PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter...
CVE-2007-0785
PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter...
CVE-2007-0785
The CVE-2007-0785 issue affects Flipsource Flip 2.01-final 1.0 and earlier, where a PHP remote file inclusion in previewtheme.php via the inc_path parameter enables arbitrary PHP code execution. The root cause is a vulnerable inclusion path that accepts attacker-controlled URLs. In public disclos...
Flip 2.01 final (previewtheme.php inc_path) RFI Vulnerability
No description provided by source. Flip-2.01-final 1.0 = Remote File Include Vulnerability Discovered by GolDMMahmnoodali & & Contact: [email protected] URL: http://releases.smallaxesolutions.com/flip-2.01.zip V.CODE: In : path/previewtheme.php include$incpath . "options.php"; include$incpath...
Flip 2.01 final (previewtheme.php inc_path) RFI Vulnerability
Exploit for unknown platform in category web applications ============================================================= Flip 2.01 final previewtheme.php incpath RFI Vulnerability ============================================================= Flip-2.01-final 1.0 = Remote File Include Vulnerability...
Flip 2.01 final - previewtheme.php?inc_path Remote File Inclusion
Flip 2.01 final - previewtheme.php?incpath Remote File Inclusion Flip-2.01-final 1.0 = Remote File Include Vulnerability Discovered by GolDMMahmnoodali & & Contact: [email protected] URL: http://releases.smallaxesolutions.com/flip-2.01.zip V.CODE: In : path/previewtheme.php include$incpath...
CVE-2006-4599
SQL injection vulnerability in autverifica.inc.php in Autentificator 2.01 allows remote attackers to execute arbitrary SQL commands via the user parameter...
Autentificator 2.01 - Aut_Verifica.Inc.php SQL Injection
Autentificator 2.01 - AutVerifica.Inc.php SQL Injection source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
CVE-2006-1749
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well...