108 matches found
CVE-2008-0362
Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the album parameter...
CVE-2008-0363
Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php...
CVE-2008-0362
The CVE-2008-0362 entry describes a Cross-Site Scripting (XSS) vulnerability in Clever Copy versions up to 3.0, specifically in gallery.php. The flaw allows remote attackers to inject arbitrary web script or HTML through the album parameter. Affected software is the Clever Copy gallery implementa...
clevercopy-sqlxss.txt
Clever Copy v3.0 Multiple Remote Vulnerabilities: sql injection/xss. Virangar Security Team, www.virangar.org, www.virangar.net. Discovered By : virangar security teamhadihadi. special tnx to:MR.nosrati,MR.hesy,satan,Zahra & my lovely friend ara...
Charrays CMS 0.9.3 - Multiple Remote File Inclusions
Http://www.inj3ct-it.org Staffatinj3ct-itdotorg Multiple...
eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities
No description provided by source. eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities...
eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities...
eMeeting Online Dating Software 5.2 - SQL Injection
eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities. AUTHOR: t0pP8uZz & xprog SITE: eMeeting...
Sql injection
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...
Sql injection
Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information...
maGAZIn 2.0 - 'PHPThumb.php?src' Remote File Disclosure
Y! Underground Group Dj7xpl.2600.ir Portal...
Sql injection
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the (1) imageid or (2) catid parameter to (a) gallery.php; the (3) newsid parameter to (b) news.php or (c) print.php; (4) the newscatid parameter to news.php; the (5) catid, (6) topicid, or (7) postid...
CVE-2007-1550
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the (1) imageid or (2) catid parameter to (a) gallery.php; the (3) newsid parameter to (b) news.php or (c) print.php; (4) the newscatid parameter to news.php; the (5) catid, (6) topicid, or (7) postid...
PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
Cross site scripting
Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter...
CVE-2007-1124
CVE-2007-1124 affects the XeroXer Simple one-file gallery. It is a directory traversal vulnerability in gallery.php, exploitable by supplying a .. in the f parameter to read arbitrary files. The connected records confirm the affected product and the root cause is improper path handling in the f p...
CVE-2007-0502
SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492...
Sql injection
SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492...
CVE-2007-0502
The CVE-2007-0502 entry corresponds to a SQL injection in webSPELL 4.01.02, affecting gallery.php via the picID parameter. The vulnerability is remote and allows arbitrary SQL execution; this is a separate vector from CVE-2007-0492. Connected documents confirm the affected application (webSPELL 4...
webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit
No description provided by source. ?php //webSPELL SQL-injection exploit in gallery.php $xpl = new phpsploit; $xpl-allowredirection1; $xpl-cookiejar1; function istrue$xpl,$host,$path,$prefix,$gid,$pid,$uid,$i,$h...