2532/gigs 1.2.2 - stable Multiple Vulnerabilities

No description provided by source. START 0x01 Informations: Script : 2532|Gigs v1.2 Stable Download : http://www.hotscripts.com/jump.php?listingid=65863&jumptype=1 Dork : Powered by 2532|Gigs v1.2.2 Vulnerability : Local File Inclusion / Remote File Upload Author : Osirys Contact :...

2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ 2532|Gigs = 1.2.2 Arbitrary Remote Database Backup/Download +==-- --==+================================================================================+==-- Discover...

2532|Gigs Detection (HTTP)

HTTP based detection of 2532-Gigs. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.800681";...

CVE-2008-6907

Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, as accessible from a form generated by index.php...

CVE-2008-6907

Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, as accessible from a form generated by index.php...

CVE-2008-6907

CVE-2008-6907 affects 2532designs/2532|Gigs 1.2.2 Stable. Vulnerable component: checkuser.php; issue arises when magic_quotes_gpc is disabled. Attackers can manipulate the (1) username and (2) password parameters via the login form (index.php) to cause SQL injection. OpenVAS entries describe thes...

CVE-2008-6902

Unrestricted file upload vulnerability in uploadflyer.php in 2532designs 2532|Gigs 1.2.2 Stable allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in flyers/...

CVE-2008-6902

Unrestricted file upload vulnerability in uploadflyer.php in 2532designs 2532|Gigs 1.2.2 Stable allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in flyers/...

CVE-2008-6901

Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 settings.php, 2 deleteuser.php, 3...

CVE-2008-6199

2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to trigger a backup and obtain sensitive information via a direct request to backup.php, which creates backup.sql under the web root with insufficient access control...

2532|Gigs 1.2 Stable LFI / File Upload Vulnerabilities

START 0x01 Informations: Script : 2532|Gigs v1.2 Stable Download : http://www.hotscripts.com/jump.php?listingid=65863&jumptype=1 Dork : Powered by 2532|Gigs v1.2.2 Vulnerability : Local File Inclusion / Remote File Upload Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Not...

2532/Gigs 1.2.2 Stable - Remote Authentication Bypass

/ ------------------------------------------------------------------------------------------------ 2532|Gigs 1.2.2 Stable Remote Login Bypass Vulnerability ------------------------------------------------------------------------------------------------ by athos - stakerathotmaildotit...

2532/Gigs 1.2.2 Stable - Remote Command Execution

---------------------------------------------------------------- Fix / errorreporting0; $host = explode'/',$argv1; $exec = $argv2 or usage; $sock = fsockopen$host0,80; $post = "content="; $leng = strlen$post; $data = "POST /$host1/calcssedit.php HTTP/1.1\r\n". "Host: $host0\r\n". "User-Agent: Lyn...

2532/Gigs 1.2.2 - Arbitrary Database Backup/Download

--==+================================================================================+==-- --==+ 2532|Gigs = 1.2.2 Arbitrary Remote Database Backup/Download +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 18...

CVE-2007-4585

Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

CVE-2007-4585

The CVE-2007-4585 entry concerns a directory traversal vulnerability in activateuser.php of the 2532|Gigs 1.2.1 installation. The underlying issue allows remote attackers to cause local file inclusion and execution by manipulating the language parameter with a .. (dot dot) sequence. The impact is...