Greenstone - Multiple Vulnerabilities

Greenstone - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/56662/info Greenstone is prone to the following security vulnerabilities: 1. A file-disclosure vulnerability 2. A cross-site scripting vulnerability 3. A security weakness 4. A security-bypass vulnerability Attackers...

Greenstone - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/56662/info Greenstone is prone to the following security vulnerabilities: 1. A file-disclosure vulnerability 2. A cross-site scripting vulnerability 3. A security weakness 4. A security-bypass vulnerability Attackers can exploit these issues to view local...

openSIS 5.1 - ajax.php Local File Inclusion

openSIS 5.1 - ajax.php Local File Inclusion source: https://www.securityfocus.com/bid/56598/info openSIS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to obtain potentially sensitive...

Open Realty - 'select_users_lang' Local File Inclusion

source: https://www.securityfocus.com/bid/55834/info Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts i...

CVE-2012-2129

Cross-site scripting XSS vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action...

GalaxyScripts Mini File Host and DaddyScripts Daddys File Host - Local File Inclusion

GalaxyScripts Mini File Host and DaddyScripts Daddys File Host - Local File Inclusion source: https://www.securityfocus.com/bid/54992/info GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host are prone to a local file-include vulnerability because they fail to properly sanitize...

Cryptographp Local File Inclusion / HTTP Response Splitting

Exploit for php platform in category web applications During a security assessment, I’ve found that my target was using Cryptographp which is a PHP script used for generate « captchas ». It was easily noticeable when I’ve found the following URL: http://WWWW/cryptographp.inc.php?cfg=XX&sn=YYYY&ZZ...

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability in handling cookies, which may result in cross-site scripting. ISHIBASHI,Tsuyoshi of Mitsui Bussan Secu...

Jogjacamp - Presistent XSS Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

Crea-Boutique - Persistent XSS Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

TomatoCart 1.2.0 Alpha 2 - json.php Local File Inclusion

TomatoCart 1.2.0 Alpha 2 - json.php Local File Inclusion source: https://www.securityfocus.com/bid/52766/info TomatoCart is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially...

Open Realty 'select_users_template' Parameter Local File Include Vulnerability

Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allo...

Open Realty 'select_users_template' Parameter Local File Include Vulnerability

Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Joomla! Component com_xvs - Controller Local File Inclusion

Joomla! Component comxvs - Controller Local File Inclusion source: https://www.securityfocus.com/bid/52091/info The 'comxvs' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability t...

Joomla! Component com_xcomp - Local File Inclusion

Joomla! Component comxcomp - Local File Inclusion source: https://www.securityfocus.com/bid/52078/info The Xcomp component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain...

Joomla! Component com_xcomp - Local File Inclusion

source: https://www.securityfocus.com/bid/52078/info The Xcomp component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitra...

Joomla! Component com_boss - Controller Local File Inclusion

Joomla! Component comboss - Controller Local File Inclusion source: https://www.securityfocus.com/bid/51619/info The 'comboss' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability...

osCommerce Multiple Local File Include Vulnerabilities

osCommerce is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This ma...

Shockwave.com Cross Site Scripting

Exploit Title: shockwave.com Cross Site Scripting Vulnerability Date: 12/11/2011 - 04:00am Author: Ryuzaki Lawlet Website: http://jusryuz.blogspot.com Tested On: WinXP Platform: - Email: [email protected] $ Vulnerable : http://www.domain.com/search.jsp?q= $ Preview Sites:...

ECshop 2.7.2 XSS

简要描述： 过滤不严 详细说明： 缺货登记-联系人处可保存任意脚本 漏洞证明： 脚本可利用privilege.php中update管理员的邮箱，通过找回密码，获取邮箱...