103 matches found
Qualiteam X-Cart 4.0.8 home.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...
CVE-2012-5315
Multiple cross-site scripting XSS vulnerabilities in php ireport 1.0 allow remote attackers to inject arbitrary web script or HTML via the message parameter to 1 messagesviewer.php, 2 home.php, or 3 history.php...
CMS United SQL Injection
======================================================================= CMS United Blind SQL Injection ======================================================================= CMS United Blind SQL Injection on home.php file Site vendor: www.cmsunited.com Date: 12/09/2012 Author: s4r4d0 Contact:...
PHP iReport 1.0 - Remote Html Code Injection
PHP iReport 1.0 - Remote Html Code Injection !/usr/bin/perl Title = phpireport v1.0 = Remote Html Code injection Author = Or4nG.M4n Download = http://garr.dl.sourceforge.net/project/phpireport/phpireport%20v1.0%20alpha%20revision%2025.rar Thnks : +----------------------------------+ | xSs m4n i-H...
Pecio CMS 'template' Multiple Remote File Include Vulnerabilities
This host is running Pecio CMS and is prone to multiple remote file inclusion vulnerabilities. OpenVAS Vulnerability Test $Id: gbpeciocmsmultrfivuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Pecio CMS 'template' Multiple Remote File Include Vulnerabilities Authors: Madhuri D Copyright: Copyright c...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to 1 post.php, 2 article.php, 3 blog.php, or 4 home.php in pectemplates/nova-blue/...
Web Design Noida SQL Injection
============================================== Web Design Noida SQL Injection Vulnerability ============================================== .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || Web Design Noida SQL Injection Vulnerability Vendor:...
magic-portal 2.1 - SQL Injection
magic-portal 2.1 - SQL Injection :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title :magic-portal SQL injection Vulnerability Author: alnjm33 Software Link: Version: 2.1 Tested on: Version 2.1 My home : Sec-war.com...
X-Cart email subscription xss
No description provided by source. X-Cart XSS in email subscription Download: http://www.x-cart.com/ Discovered by: Paulo Santos Contact: [email protected] Blog: http://infocampo.wordpress.com http://target/path/customer/home.php?mode=subscribed&email=plaintext/...
Opial 1.0 File Upload / XSS / SQL Injection
::::::::::::::::::::R3AL.RU:::::::::::::::::::: Opial 1.0 Arbitrary File Upload & XSS & SQL Injection genresparent Author: LMaster Greetz: r3al.ru Official Site with demo: http://www.opial.com --Arbitrary File UploadSQL InjectionXSSalertdocument.cookie; Demo: http://www.opial.com/demo/register.ph...
Unfixed XSS vulnerability at www.poveditions.com
Security researcher Xylitol, has submitted on 05/03/2009 a cross-site-scripting XSS vulnerability affecting www.poveditions.com, which at the time of submission ranked 2459949 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/04/2009. It is...
CVE-2008-5042
Zeeways PhotoVideoTube 1.1 and earlier contains an authentication bypass vulnerability that allows remote attackers to bypass login and perform administrative tasks via a direct request to admin/home.php. This CVE (CVE-2008-5042) is documented by NVD and CVE lists, with public exploit references ...
Sql injection
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.4 allow remote authenticated users to execute arbitrary SQL commands via the 1 address parameter to addressbook.php, the 2 getnews parameter to familynews.php, and the 3 pollid parameter to home.php in a results...
E-Annu (home.php) Remote SQL Injection Vulnerability
-------------------------------------------------AYYILDIZ.ORG PreSents... Script: E-Annu Script D.: http://www.alic.ch/sources/annu.rar Script Demo: http://www.autocash.ch/annu/ Contact: ilker Kandemir ilkerkandemiratmynet.com info: / Siz Yokken AYYILDIZ Vardi. /...
Sql injection
SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL commands via the a parameter...
CVE-2007-2416
CVE-2007-2416 pertains to an SQL injection in the E-Annu application, specifically in home.php where the parameter a is user-controlled. The vulnerability allows remote attackers to execute arbitrary SQL commands via that a parameter, enabling partial confidentiality and integrity impact and pote...
CVE-2007-2416
SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL commands via the a parameter...
CVE-2006-5074
Cross-site scripting XSS vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter...
PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.
description : ------------- PHP Invoice designed to automate your entire account, order, billing, ticket system needs. From displaying your sales content, to ordering, PHP Invoice will handle all your billing and authentication requirements with speed and ease. No Matter Webmaster, Web Designer,...
PHP Invoice 2.2 - 'home.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20221/info PHP Invoice is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting use...