
422 matches found

seebug.org
added 2014/07/01 12:0 a.m., 15 views

UBBCentral UBB.threads 5.5.1/6.x download.php Number Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 15 views

FdScript <= 1.3.2 (download.php) Remote File Disclosure Vulnerability

No description provided by source. Title : FdScript <= v1.3.2 Remote File Disclosure Vulnerability Author : ajann Contact : : Site : http://stud.usv.ro/vladl/ $$ : Free SOURCE: http://target/path//download.php?fname=SOURCE FILE Example:...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 31 views

Seo Panel 2.1.0 - Critical File Disclosure

No description provided by source. Title: Seo Panel 2.1.0 - Critical File Disclosure Body: Seo Panel - Critical File Disclosure http://www.exploit-db.com/finding-0days-in-web-applications/ Versions Affected: 2.1.0 previous versions were not checked. Info: A complete open source seo control panel...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 22 views

WordPress File Groups plugin <= 1.1.2 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress File Groups plugin <= 1.1.2 SQL Injection Vulnerability Date: 2011-08-17 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/file-groups.1.1.2.zip Version: 1.1.2 tested --- P...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 11 views

ChangshinSoft EZTrans Server Download.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8155/info It has been reported that a problem in ChangshinSoft ezTrans Server exists in the download.php script that may allow an attacker to view arbitrary files. This may result in the disclosure of potentially sensitiv...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 39 views

com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability

No description provided by source. Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulnerability download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB', true; //$phpbbrootpa...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 10 views

Siteframe 2.2.4 Download.php Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7143/info Siteframe has been reported vulnerable to an information disclosure vulnerability. When handling certain download requests Siteframe may be led into an error condition. When these errors occur, the script will...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability

No description provided by source...

AI score: 7.1
Exploits: 0

Patchstack
added 2014/06/23 12:0 a.m., 16 views

WordPress SS Downloads Plugin <= 1.4 - XSS

Because of this vulnerability in templates/download.php, attackers can inject arbitrary web script or HTML via the "title" parameter. Solution: Update the plugin...

CVSS: 4.3, AI score: 3.4, EPSS: 0.02046
Exploits: 1, References: 1, Affected Software: 1

Packet Storm
added 2014/06/10 12:0 a.m., 20 views

WordPress SCv1 Local File Disclosure

Title : Wordpress SCv1 Theme Local File Disclosure + Discovered By : Medrik + CMS Home-Page : http://wordpress.org + Found Date : 2014-06-10 + Tested On : Windows This is LFD Vulnerability In : File : download.php Parameter : file Vulnerability Locate :...

AI score: 7
Exploits: 0

seebug.org
added 2014/05/26 12:0 a.m., 12 views

NS_ASG 6.3 /commonplugin-Download.php Arbitrary File Download Vulnerability

No description provided by source...

AI score: 7.1
Exploits: 0

exploitpack
added 2014/04/14 12:0 a.m., 9 views

WordPress Theme LineNity 1.20 - Local File Inclusion

WordPress Theme LineNity 1.20 - Local File Inclusion + Local File Inclusion in WordPress Theme LineNity + Date: 13/04/2014 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage: http://themeforest.net/item/linenity-clean-responsive-wordpress-magazine/4417803 + Contact:...

AI score: 7.4
Exploits: 0

Prion
added 2014/01/09 6:55 p.m., 27 views

Sql injection

SQL injection vulnerability in download.php in Horizon Quick Content Management System QCMS 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter...

CVSS: 7.5, AI score: 8.8, EPSS: 0.01045
Exploits: 7, References: 2, Affected Software: 1

Cvelist
added 2014/01/09 3:0 p.m., 36 views

CVE-2013-7139

SQL injection vulnerability in download.php in Horizon Quick Content Management System QCMS 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter...

AI score: 8.1, EPSS: 0.01045
Exploits: 7, References: 2

seebug.org
added 2013/08/13 12:0 a.m., 23 views

NITC 3.21 /download.php Arbitrary File Download Vulnerability

No description provided by source...

AI score: 7.1
Exploits: 0

seebug.org
added 2013/06/07 12:0 a.m., 572 views

Dedecms v57 sp1 plus/download.php SQL Injection Vulnerability

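The root cause is that the global variable $GLOBALS can be modified arbitrarily. I took a quick look and there are a lot of vulnerabilities; I only tracked down one.

include/dedesql.class.php:

    if(isset($GLOBALS['arrs1']))
    {
        $v1 = $v2 = '';
        for($i=0;isset($arrs1[$i]);$i++)
        {
            $v1 .= chr($arrs1[$i]);
        }
        for($i=0;isset($arrs2[$i]);$i++)
        {
            $v2 .= chr($arrs2[$i]);   // decode ASCII
        }
        $GLOBALS[$v1] .= $v2;   // note: this does not overwrite, it appends (+)
    }
    function SetQuery($sql)
    {
        $prefix="@";
        $sql =...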

AI score: 7.1
Exploits: 0

Exploit DB
added 2012/09/20 12:0 a.m., 124 views

Manhali 1.8 - Local File Inclusion

Exploit Title: Manhali v1.8 Local File Inclusion Vulnerability Date: 20/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.manhali.com/ Software Link: http://sourceforge.net/projects/manhali/files/manhali1.8.zip/download Versio...

AI score: 7
Exploits: 0

exploitpack
added 2012/08/18 12:0 a.m., 16 views

SaltOS - download.php Cross-Site Scripting

SaltOS - download.php Cross-Site Scripting source: https://www.securityfocus.com/bid/55117/info SaltOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of...

AI score: 6.8
Exploits: 0

0day.today
added 2012/07/16 12:0 a.m., 18 views

Rama Zeiten CMS Remote File Disclosure Vulnerability

Exploit for php platform in category web applications...

AI score: 7.1
Exploits: 0

exploitpack
added 2012/03/20 12:0 a.m., 25 views

GNUBoard 4.34.20 - download.php HTML Injection

GNUBoard 4.34.20 - download.php HTML Injection source: https://www.securityfocus.com/bid/52622/info Gnuboard is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...

AI score: 7.6
Exploits: 0