2123 matches found
Parallels Plesk v11.0.9 - Multiple Web Vulnerabilities
Document Title: Parallels Plesk v11.0.9 - Multiple Web Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=699; Release Date: 2012-08-31; Vulnerability Laboratory ID (VL-ID): 699...
CVE-2012-2325
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-2326
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...
CVE-2012-2324
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP)...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...
SQL injection
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP)...
SQL injection
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-2326
MyBB Admin Control Panel (ACP) contains a Cross-site Scripting (XSS) vulnerability (CVE-2012-2326) affecting
Nike+ Panel / Mobile App Cross Site Scripting
Exploit for PHP platform in category web applications. Nike+ Panel & Mobile App - Multiple Web Vulnerabilities. Details: Multiple persistent input validation vulnerabilities are detected in the Nike+ Control Panel & FuelBand mobile web application. The bug allows attackers to...
Atmail Email Server WebAdmin Control Panel dbconfig.ini Information Disclosure
The remote web server hosts a version of Atmail Webmail that fails to properly restrict access to its database configuration file. A remote, unauthenticated attacker could obtain database connection information and then leverage this data to assist in further attacks.
Nike+ Panel & Mobile App - Multiple Web Vulnerabilities
Document Title: Nike+ Panel & Mobile App - Multiple Web Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=663; Release Date: 2012-07-31; Vulnerability Laboratory ID (VL-ID): 663...
Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure
Vuln Title: Atmail WebAdmin and webmail Control Panel Remote Access SQL Root password Vulnerability; Author: FaryadR a.k.a. Ciph3r; Tested on: Atmail Email Server 6.20.8; Twitter: https://twitter.com/faryadR; Mail: [email protected]; Website: http://0c0c0c0c.com; Vendor: http://atmail.com...
WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure
WordPress Simple Download Button Shortcode plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel...
WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure
WordPress Tinymce Thumbnail plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel. Solution: Update the...
WordPress Newsletter Plugin 1.5 - Remote File Disclosure
WordPress Newsletter plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel. Solution: Update the plugin...
Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS)
Title: Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS); Author: Ivano Binetti (http://www.ivanobinetti.com); Software download: http://www.axous.com/get.php?pid=1; App developer website: http://www.axous.com/; Affects versions: 1.1.1 and lower; Test system: Debian Squeeze 6.0...
abcms 1.0 app/controller/admincp.php Login Bypass Vulnerability
No description provided by source...