CVE-2006-0770

Cross-site scripting XSS vulnerability in calendar.php in MyBulletinBoard MyBB 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the detai...

Design/Logic Flaw

Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln DB01...

CVE-2006-0256

Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln DB01...

CVE-2006-0256

CVE-2006-0256 affects Oracle Database Server in multiple versions (e.g., 8.1.7.x, 9.2.x, 10g) with an unspecified impact in the CVE record. Connected sources describe a login-time SQL injection vulnerability in the Oracle DBMS login/authentication flow (AUTH_ALTER_SESSION) that could enable remot...

CVE-2005-4649

Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...

CVE-2005-4649

CVE-2005-4649 affects Advanced Guestbook 2.2 and 2.3.1, with XSS via (1) entry parameter in index.php and (2) gb_id in comment.php. Root cause: insufficient input sanitization on these parameters, allowing remote attackers to inject arbitrary HTML/JS. Index.php/entry vector may be related to CVE-...

CVE-2005-4649

Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...

[Full-disclosure] Advanced Guestbook remote XSS exploit

Advanced Guestbook 2.2 and 2.3.1 and possibly other versions remote XSS vulnerabilities By: Handrix handrixatmorxorg 16 December 2005 MorX security research team www.morx.org Description: Advanced Guestbook is a PHP-based guestbook script. index.php and comment.php scripts are vulnerable to XSS...

ag22sql.txt

In GOD We Trust; Kachal667 Under9round Team KuT new exploit with HTML for Advanced Guestbook 2.2 . This bug found by BHST. Coded By Hessam-x Note : For use this exploit first change target to victim example : www.targetsite.com/guestbook/admin.php =====HTML CODE : GuestBook 2.2 exploit Guest Book...

The foolish old man document password full brute-force-vulnerability warning-the black bar safety net

Heard a story: one of the passengers seeing going onthe plane, and his tickets and passport to put in the Password box, but also how to remember out of the box password. And the passengers similarly, some friends needed to open a document, but forgotten when the beginning position of the password...

exploit (html) for Advanced Guestbook 2.2

In GOD We Trust; Kachal667 Under9round Team KuT new exploit with HTML for Advanced Guestbook 2.2 . This bug found by BHST. Coded By Hessam-x Note : For use this exploit first change target to victim example : www.targetsite.com/guestbook/admin.php =====HTML CODE : html titleGuestBook 2.2...

CVE-2005-3742

CVE-2005-3742 describes a cross-site scripting (XSS) vulnerability in the popup.php component of Advanced Poll 2.0.3 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. The vulnerability affects the affected Poll software as document...

Advanced Poll 2.0.22.0.3 - popup.php Cross-Site Scripting

Advanced Poll 2.0.22.0.3 - popup.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15506/info Advanced Poll is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

CVE-2002-2138

RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service panic via a malformed UDP packet on port 139...

CVE-2002-2138

HP Advance Server/9000 on HP-UX 11.00 or 11.11 is affected by CVE-2002-2138. A malformed UDP packet to port 139 can cause a remote DoS (panic) in B.04.05–B.04.09. The connected sources do not provide exploitation details or a remediation. Monitoring for updates is advised.

CVE-2005-3588

SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the username field...

CVE-2005-3588

The CVE-2005-3588 entry describes an SQL injection in Advanced Guestbook 2.2, exploitable via the username field in admin.php. The vulnerability is remote and allows execution of arbitrary SQL commands and privilege escalation. Documents indicate affected software is Advanced Guestbook 2.2; no sp...

CVE-2005-3588

SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the username field...

guestbook-2.2.txt

Guestbook 2.2 webapplication PHP, MySQL appears vulnerable to SQL Injection granting the attacker administrator access. Target : http://www.example.com/GuestbookTarget/admin.php Username: ' or 1=1 / Password: NothingBlank Its Working On Advanced Guestbook 2.2 version 2.3.1 will fix this...

Advanced Guestbook 2.2 ( SQL Injection Exploit )

Guestbook 2.2 webapplication PHP, MySQL appears vulnerable to SQL Injection granting the attacker administrator access. Target : http://www.example.com/GuestbookTarget/admin.php Username: ' or 1=1 / Password: NothingBlank Its Working On Advanced Guestbook 2.2 version 2.3.1 will fix this...