PT-2006-5892 · Deluxebb · Deluxebb

Name of the Vulnerable Software and Affected Versions: DeluxeBB versions 1.09 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the templatefolder parameter. This can be exploited by providing a malicious URL to the vulnerable parameter,...

CVE-2006-4463

SQL injection vulnerability in the administrator control panel in Jetstat.com JS ASP Faq Manager 1.10 allows remote attackers to execute arbitrary SQL commands via the pwd parameter aka the Password field...

CVE-2006-3737

Cross-site scripting XSS vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter...

plesk800.txt

Product: Plesk control panel Version: alert; Credits INVENT...

CVE-2006-3737

Cross-site scripting XSS vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter...

CVE-2006-3737

CVE-2006-3737 describes a cross-site scripting (XSS) vulnerability in the filemanager/filemanager.php component of the SWsoft Plesk control panel (version 8.0 and earlier). The issue arises when an authenticated user supplies a crafted file parameter, allowing injection of arbitrary web script or...

DeluxeBB 1.07 Create admin Exploit

DeluxeBB 1.07 Create admin Exploit ---------------------------------------- + Summary : Name : DeluxeBB 1.07 Class : Remote Risk : High + Description: DeluxeBB 1.07 Have a high Security Bug in user control panel cp.php . this bug allows to users change access level with inject qurry in update...

Sql injection

SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter...

Crack the password file with spear and shield encryption and decryption battle-vulnerability warning-the black bar safety net

Currently on the network encryption software have mushroomed General everywhere, their price is often in the 3 0 yuan, and many friends also have to fork out money to buy these encryption software, but they really can play the role of encryption? Author Super rabbit and WinRAR both software for...

CVE-2006-1407

Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 txtDomainName parameter to domains.asp or 2 SearchText or 3 UserLevel parameters to default.asp...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 txtDomainName parameter to domains.asp or 2 SearchText or 3 UserLevel parameters to default.asp...

CVE-2006-1407

CVE-2006-1407 concerns multiple cross-site scripting (XSS) flaws in Helm Web Hosting Control Panel 3.2.10 and earlier. The affected components are domains.asp (txtDomainName) and default.asp (SearchText, UserLevel) where user-controlled inputs can inject arbitrary script/HTML. The practical impac...

Helm Web Hosting Control Panel XSS vuln.

Helm Web Hosting Control Panel XSS vuln. Vuln. discovered by : r0t Date: 27 march 2006 vendor:http://www.webhostautomation.com/ affected versions:3.2.10 and prior orginal advisory: http://pridels.blogspot.com/2006/03/helm-web-hosting-control-panel-xss.html Vuln. description: Helm Web Hosting...

Free Articles Directory Remote Command Exucetion

Web Site : http://www.99articles.com Script Demo Site : http://www.articlesone.com General : 1. Support rssfeed XML to distribute articles for others website and blogs. It will make grow website popularity 2. Newsletter to be growing visitors 3. Membership system for writer participants submit...

[eVuln] phpstatus Authentication Bypass

New eVuln Advisory: phpstatus Authentication Bypass http://evuln.com/vulns/61/summary.html --------------------Summary---------------- eVuln ID: EV0061 CVE: CVE-2006-0570 CVE-2006-0571 CVE-2006-0572 Vendor: Hinton Design Vendor's Web Site: http://www.hintondesign.org Software: phpstatus Sowtware'...

[eVuln] phphg Guestbook Multiple Vulnerabilities

New eVuln Advisory: phphg Guestbook Multiple Vulnerabilities http://evuln.com/vulns/58/summary.html --------------------Summary---------------- eVuln ID: EV0058 CVE: CVE-2006-0602 CVE-2006-0603 CVE-2006-0604 Vendor: Hinton Design Vendor's Web Site: http://www.hintondesign.org Software: phphg...

simpleBlogXSS.txt

Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Risk: High - Note from the author Simple Blog is a free weblog application intended for personal use. The latest version, 2.1, features xhtml/css template structure, rss feed, blog calendar and an easy to use...

[eVuln] WebspotBlogging Authentication Bypass Vulnerability

New eVuln Advisory: WebspotBlogging Authentication Bypass Vulnerability http://evuln.com/vulns/41/summary.html --------------------Summary---------------- Software: WebspotBlogging Sowtware's Web Site: http://www.webspot.co.uk/ Versions: 3.0 Critical Level: Dangerous Type: SQL Injection Class:...

Helm XSS Vulnerability

I.Vulnerability Helm Hosting Control Panel Cross Site Scripting Vulnerability II.Vendor Web Host Automation Ltd. www.webhostautomation.com III.Affected Systems Helm v3.2.8 and probably previous versions. IV.About Helm is a multi-server management and hosting control system for Windows 2000 and 20...

hsphereXSS.txt

I.Vulnerability H-Sphere Hosting Control Panel Cross Site Scripting Vulnerability II.Vendor Positive Software www.psoft.net III.Affected Systems H-Sphere = 2.4.3 Patch 8 IV.About H-Sphere is a scalable multiserver web hosting control panel that provides complete hosting automation for Linux, BSD ...