Joomla Component Property Local File Inclusion
No description provided by source. Joomla Component Property Local File Inclusion Author : Chip D3 Bi0s Group : LatinHackTeam Email &...
H-Sphere 2.x HTML Template Inclusion Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7855/info H-Sphere is prone to multiple cross-site scripting vulnerabilities via the HTML template feature in the Hosting Control Panel. HTML and script code will not be filtered from pages which are generated when a...
Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7899/info Sphera HostingDirector VDS Control Panel has been reported prone to several cross-site scripting attacks. The vulnerabilities exist due to insufficient sanitization of user-supplied input for certain URI...
All In One Control Panel 1.3.x cp_downloads.php did Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/22032/info All In One Control Panel is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
EMule Web 0.42 Control Panel Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10317/info It has been reported that eMule's Web Control Panel is susceptible to a remote denial of service vulnerability. This issue is reportedly triggered by sending malformed requests to the web interface. Upon...
crownweb (page.cfm) SQL Injection Vulnerability
No description provided by source. crownweb page.cfm Sql Injection Vulnerability .:. Email : [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : crownweb .:. Language : Cfm .:. Script Download:...
Kloxo 6.1.18 Stable - CSRF Vulnerability
No description provided by source. Exploit Title :Kloxo 6.1.18 Stable CSRF Vulnerability Vendor Homepage :http://lxcenter.org/software/kloxo Version :6.1.18 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/12/2014 CVE :N/A Kloxo...
Arab Portal 2.x - (forum.php qc) Remote SQL Injection Exploit
No description provided by source. ? / Arab Portal v2.x forum.php qc SQL Injection Exploit - Author : rEcruit - Mail : [email protected] - Download : http://arab-portal.net/download.php - Vuln in ./forum.php Line: 1503 code ifisset$apt-getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...
eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities
No description provided by source. Title: eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities Author: 10n1z3d 10n1z3datwdotcn Date: Thu 15 Jul 2010 12:08:07 PM EEST Vendor: http://www.xmbforum.com/ Download: http://www.xmbforum.com/download/XMB-1.9.11.09.zip CSRF PoC 1 - Change...
Realtek HD Audio Control Panel 2.1.3.2 Exploit
No description provided by source. done by BraniX [email protected] www.hackers.org.pl found: 2010.08.24 tested on: Windows XP SP3 Home Edition SafeSEH bypass App. has classic buffer overflow vulnerability it can be triggered by passing a too long argument as a startup parameter. Shellcode ca...
Ragnarok Online Control Panel 4.3.4 a Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14429/info Ragnarok Online Control Panel ROCP is prone to a vulnerability that may let remote attackers bypass user authentication. This issue is related to how PHP variables are handled, letting an attacker influence a...
Quick Classifieds 1.0 - controlpannel/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...
DirectAdmin 1.34.4 - Multi CSRF vulnerability
No description provided by source. Title : Multi CSRF vulnerability in DirectAdmin 1.34.4 Date : 20-3-2010 Version : 1.34.4 Author : K053 K053.Dev0te3 AT gmail Tested on : Ubuntu Vendor : http://www.directadmin.com/...
Hesk 0.92/0.93 Session ID Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14879/info Hesk is prone to an authentication bypass vulnerability. Successful exploitation will grant an attacker administrative access to the application. This can lead to unauthorized access of sensitive data,...
PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/2653/info PowerScripts PlusMail Web Control Panel is a web-based administration suite for maintaining mailing lists, mail aliases, and web sites. It is reportedly possible to change the administrative username and passwor...
AIOCP 1.3.x cp_show_page_help.php Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...
Starsgames Control Panel 4.6.2 - 'index.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29295/info Starsgames Control Panel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
WebHost Automation Helm Control Panel 3.1.x Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11586/info Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user...
EQdkp <= 1.3.1 (Referer Spoof) Remote Database Backup Vulnerability
No description provided by source. Title: EQdkp = 1.3.1 Referer Spoof to access to SQL Database URL: http://www.eqdkp.com Hook: Powered by EQdkp Author: Eight10 Contact: [email protected] ...
PHPEasyData 1.5.4 - admin/login.php username Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29659/info PHPEasyData is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issues to...