Lucene search
K

107 matches found

Prion
Prion
added 2007/08/07 10:17 a.m.17 views

Sql injection

SQL injection vulnerability in komentar.php in the Forum Module for auraCMS Modul Forum Sederhana allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information...

7.5CVSS8.7AI score0.01396EPSS
Exploits0References6
CVE
CVE
added 2007/08/07 10:0 a.m.53 views

CVE-2007-4171

The CVE-2007-4171 entry describes a SQL injection in auraCMS’s Forum Module (Forum Sederhana) via the id parameter to the default URI, affecting komentar.php. The vulnerability allows remote attackers to execute arbitrary SQL commands, with impacts described as partial confidentiality/integrity/a...

7.5CVSS8.3AI score0.01396EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/08/07 10:0 a.m.27 views

CVE-2007-4171

SQL injection vulnerability in komentar.php in the Forum Module for auraCMS Modul Forum Sederhana allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information...

8.2AI score0.01396EPSS
Exploits0References6
securityvulns
securityvulns
added 2007/08/06 12:0 a.m.80 views

AuraCMS [Forum Module] - Remote SQL Injection

AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=forum" file; /forum/komentar.php bug at...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2007/08/06 12:0 a.m.52 views

AuraCMS [Forum Module] Remote SQL Injection Vulnerability

No description provided by source. AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=forum"...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/08/05 12:0 a.m.60 views

AuraCMS Forum Module - SQL Injection

AuraCMS Forum Module - SQL Injection AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=foru...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2007/08/05 12:0 a.m.60 views

AuraCMS [Forum Module] Remote SQL Injection Vulnerability

No description provided by source. AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=forum"...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/08/05 12:0 a.m.96 views

AuraCMS [Forum Module] Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================= AuraCMS Forum Module Remote SQL Injection Vulnerability ========================================================= AuraCMS Forum Module - Remote SQL Injection Vendor :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/08/05 12:0 a.m.63 views

AuraCMS Forum Module - SQL Injection

AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=forum" file; /forum/komentar.php bug at...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/07 12:0 a.m.44 views

otscms 2.1.5 - SQL Injection / Cross-Site Scripting

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

7.4AI score
Exploits0
NVD
NVD
added 2006/12/14 1:28 a.m.12 views

CVE-2006-6522

Multiple cross-site scripting XSS vulnerabilities in WikiTimeScale TwoZero before 2.31 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the 1 forum module and 2 event descriptions. NOTE: some of these details are obtained from third party information...

6.8CVSS5.8AI score0.01134EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/10/21 12:0 a.m.101 views

[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues

------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-024 ------------------------------------------------------------------------ ---- Project: Drupal core Date: 2006-Oct-18 Security risk: Moderately critical Exploitable from: Remot...

Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/20 12:0 a.m.12 views

FreeBSD : drupal -- multiple XSS vulnerabilities (b2383758-5f15-11db-ae08-0008743bf21a)

The Drupal Team reports : A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

5.7AI score
Exploits0References3
Drupal
Drupal
added 2006/10/18 12:0 a.m.20 views

DRUPAL-SA-2006-024 - Drupal core - Multiple cross site scripting vulnerabilities

Multiple XSS cross site scripting vulnerabilities have been discovered. A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS...

6.6AI score
Exploits0References4
FreeBSD
FreeBSD
added 2006/10/18 12:0 a.m.14 views

drupal -- multiple XSS vulnerabilities

The Drupal Team reports: A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

1.8AI score
Exploits0References2
NVD
NVD
added 2006/02/23 2:6 a.m.17 views

CVE-2006-0851

SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost...

7.5CVSS8.3AI score0.01251EPSS
Exploits1References6
CVE
CVE
added 2006/02/23 2:0 a.m.56 views

CVE-2006-0851

SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL via the pid parameter when creating a newpost. Root cause: unsanitized input in the pid field. Impact: partial confidentiality/integrity/availability. Affected: ilchClan ...

7.5CVSS8.3AI score0.01251EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/02/23 2:0 a.m.17 views

CVE-2006-0851

SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost...

8.3AI score0.01251EPSS
Exploits1References6
seebug.org
seebug.org
added 2005/11/16 12:0 a.m.35 views

PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit

No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but he...

7.1AI score
Exploits0
CVE
CVE
added 2005/11/02 11:0 a.m.43 views

CVE-2005-3436

CVE-2005-3436 affects Nuked-Klan 1.7 with a cross-site scripting (XSS) vulnerability. The issue permits injection of arbitrary web script or HTML via multiple inputs: (1) the Search module, (2) specific fields in Guestbook, (3) the Forum module title, and (4) Textbox. The root cause is unsanitize...

4.3CVSS6AI score0.01296EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder