CVE-2009-1247

CVE-2009-1247 is an SQL injection vulnerability in Acute Control Panel 1.0.0. The flaw is in login.php, exploitable via the username parameter to execute arbitrary SQL commands remotely. NVD lists a base score of 7.5 (HIGH) with network access, low attack complexity, and no authentication. Connec...

CVE-2009-1248

CVE-2009-1248 affects Acute Control Panel 1.0.0, with multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to craft a URL in the theme_directory parameter to container.php or header.php within themes/ to execute arbitrary PHP code on the server. The underlying root cau...

Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability

Acute Control Panel is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple remote file-include issues. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Acute Control Panel 1.0.0 (SQL/RFI) Multiple Remote Vulnerabilities

No description provided by source. + Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- ?php...

Acute Control Panel 1.0.0 RFI / SQL Injection

Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- -----------------------------------------------------------...

acute control panel 1.0.0 - SQL Injection Remote File Inclusion

acute control panel 1.0.0 - SQL Injection Remote File Inclusion + Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php...

DirectAdmin <= 1.33.1 Symlink Permission Bypass Vuln (untested)

No description provided by source. /H\ /T\ |T-HHHHHHH-T| HHHHHHHHHH| HHHHHHHHHH| H-T H-T \T-HHHHH-T/ HHHHHHHHH/ HHHHHHHHH/ H-T H-T H-T H-T H-T H-THHHHHH-T /HHHHH\ H-T H-T H-T H-THHHHHH-T THHHHHT H-T H-T H-T H-T H-T \HHHHH/ H-T H-T H-T H-T H-T H-T H-T H-T H-T H-T H-T /H\ HHHHHHHHH\...

ExpressionEngine Cross Site Scripting

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-003 - ExpressionEngine Persistent Cross-Site Scripting Application: ExpressionEngine 1.6.4 possibly earlier-1.6.6 Vendor: EllisLab, INC Vendor website: http://www.expressionengine.com Author: Adam Baldwin...

Traidnt up 2.0 - cookie Add Extension Bypass

Traidnt up 2.0 - cookie Add Extension Bypass Add Extension : milw0rm.com 2009-03-11...

Burst a few over-active Defense method-vulnerability warning-the black bar safety net

Generally the Trojan is added from the start is antivirus software active defense, or 3 6 0 intercept,a few days ago in an online found several registry since the start of the method,the effect is also good,can be considered currently active Defense of a large Dead Space,even of micro-point turne...

[BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below

BLUE MOON SECURITY ADVISORY 2009-01 =================================== :Title: Authentication bypass in Interspire Shopping Cart :Severity: Critical :Reporter: Truong Van Tri and Blue Moon Consulting :Products: Interspire Shopping Cart v4.0.1 Ultimate edition :Fixed in: v4.0.2 Description...

DMXReady SDK 1.1 - Arbitrary File Download

Title : DMXReady SDK = 1.1 Remote File Download Vulnerability Author : ajann Contact : : S.Page : http://www.dmxready.com/productdetails.asp?mid=5&incid=11&ItemID=178 $$ : 389.97 $ Stop Attack ABD and ISRAEL !...

MODx vulnerable to SQL injection

Overview MODx, an open source contents management system, contains a SQL injection vulnerability. MODx, an open source contents management system, contains a SQL injection vulnerability in the MODx Control Panel. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability ...

JVN#72630020 MODx vulnerable to SQL injection

MODx, an open source contents management system, contains a SQL injection vulnerability in the MODx Control Panel. Impact A remote attacker could obtain administrative privileges of MODx. Solution Update the Software Apply the latest update provided by the developer. Products Affected MODx 0.9.6....

Absolute Control Panel XE 1.5 - Insecure Cookie Handling

Absolute Control Panel XE 1.5 - Insecure Cookie Handling | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Control Panel XE...

Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability

No description provided by source. | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Control Panel XE see script...

absolutecontrol-cookie.txt

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Control Panel XE see script http://www.xigla.com/absolutecp/demo.htm...

Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability

Exploit for asp platform in category web applications ==================================================================== Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability ==================================================================== Discovered By : Hakxer Type Gap :...

Absolute Control Panel XE 1.5 - Insecure Cookie Handling

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Control Panel XE see script http://www.xigla.com/absolutecp/demo.htm...

phpwebexplorer-lfi.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- PHPWebExplorer eNYe-Sec - www.enye-sec.org -- Exploit -- If you have access to the control panel: http://localhost/main.php?refer=d&d=../../../etc http://localhost/edit.php?file=../../../etc/passwd If you are not a register user but you...