142 matches found
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
Exploit Title: Joomla! Component Magic Deals Web v1.2.0 - SQL Injection Google Dork: inurl:index.php?option=commagicdealsweb Date: 21.02.2017 Vendor Homepage: http://jasonwebdesign.com/ Software Buy: https://extensions.joomla.org/extensions/extension/e-commerce/gifts-a-coupons/magic-deals-web/...
WordPress plugin wpcalendar suffers from a reflected cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A reflective cross-site scripting vulnerability exists in the WordPress plugin wpcalendar 'index.php' page, as the program fails to effectively filter user-submitte...
eXtplorer vulnerable to cross-site request forgery
Overview eXtplorer is a web-based file manager. index.php of eXtplorer contains a cross-site request forgery CWE-352 vulnerability. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Deep CMS 2.0 Index.PHP Remote File Include Vulnerability
No description provided by source...
webSPELL <= 4.01.02 (id) Remote Edit Topics Vulnerability
No description provided by source. +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | webSPELL = 4.01.02 id Remote Edit Topics Vulnerability | Note | +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | discovered by athos -...
Gizzar <= 03162002 (index.php) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '64305' ssvid version = '1.0' author = 'kikay' vulDate = '2006-12-13' createDate ...
PTCeffect 4.6 /index.php 本地文件包含漏洞
No description provided by source...
CVE-2010-4958
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2009-5089
Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. dot dot in the page parameter...
DV Cart Shopping Cart software - SQL Injection
Exploit Title: DV Cart E-Commerce System SQL Injection Date: 19.08.2011 Author: Eyup CELIK Software Link: http://www.esmistudio.com Version: All Version Tested on: All versions are Vulnerability ISSUE SQL Injection can be done using the command input Example index.php?keyword=&mod=search&submit=G...
Lombego Systems CMS SQL Injection
Title : Lombego Systems CMS Blind SQLI Author: Codeine Vendor: Lombego Systems http://www.lombego.de/ Email : f3codeineatyahoodotcom Date : 06/25/2011 Dork : intext:"Powered by Lombego Systems" inurl:index.php?pageid= Cat : PHP SQli Injecton Point: http://www.site.com/frontend/index.php?pageid='...
sNews 1.7 SQL Injection
sNews v1.7 index.php?category SQL Injection Vulnerability Author : CoBRa21 Author Web Page : http://www.ipbul.org Dork: "Powered by sNews" Sql Injection: http://localhost/path/index.php?category=-3 union select 0,version,2,3,4,5,6,7,8 Thanks http://e-banka.org & http://www.cyber-warrior.org...
CVE-2010-0956
CVE-2010-0956 affects OpenCart 1.3.2 where the vulnerable component is the application’s frontend logic in the index.php file. The vulnerability is an SQL injection via the page parameter , caused by insufficient sanitization of user input before using it in an SQL query. The impact is remote arb...
JaxCMS 1.0 - Local File Inclusion
JaxCMS 1.0 - Local File Inclusion / Name : JaxCMS p Local File Include WebSite : http://www.pixiescripts.com/ Author : Hamza 'MizoZ' N. Email : [email protected] Greetz : Zuka ! / The vulnerability is in the get $GET'p' , the index.php include '/pages/'.$GET'p'.'.php' So we can read any file in th...
Redcat Media SQL Injection
x==========================================x | AntiSecuritydotorg | x==========================================x x==========================================x | Title : redcat media inurl:index.php?contentId= SQL Injection Vulnerability | Vendor : http://www.redcatmedia.co.uk/ | Date : 2 oktober...
PaoBacheca 2.1 Cross Site Scripting
/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || PaoBacheca 2.1 Remote URI XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://zenas.org Greetings : Mizoz, Zuka, str0ke,...
Sql injection
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action...
RedaxScript 0.2.0 - Language Local File Inclusion
RedaxScript 0.2.0 - Language Local File Inclusion + Redaxscript 0.2.0 index.php language Local File Inclusion Vulnerability + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Local File Inclusion index.php : -----------------------------------------------------------------...
Request It 1.0 (index.php id) Remote File Inclusion Vulnerability
No description provided by source. Request It v1.0 Remote File Inclusion Vulnerability Ghost Hacker , R-h Team , Real Hack We Will Be Back Soon : Found by : Ghost Hacker |, .-. .-. ,| My Home : Real Hack We Will Be Back Soon & v4-Team.com | o/ \o | My Blog : http://gh0st10.wordpress.com |/ /\ | M...
CVE-2008-2845
SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter...