7210 matches found
CVE-2012-6516
SQL injection vulnerability in PHP Ticket System Beta 1 allows remote attackers to execute arbitrary SQL commands via the q parameter to index.php...
CVE-2012-6513
CVE-2012-6513 is an XSS vulnerability in gpEasy CMS 2.3.3: index.php/Admin_Preferences accepts jsoncallback leading to remote injection of arbitrary web script/HTML. Impact: arbitrary script execution in affected contexts. Documented exploit exists (Exploit-DB 37104). No patch/version details pro...
Joomla Collector Shell Upload
Exploit Title:Joomla comcollecter shell upload Author: Red Dragonal Alb0zZ Team Home :HackForums.AL,alb0zz.in Date :19/01/2013 Category:: web apps Google dork: inurl:index.php?option=comcollector Tested on: Windows XP Download: http://www.steevo.fr/en/download Home Page: http://www.steevo.fr/...
WordPress Events Manager Plugin <= 5.3.4 - Multiple XSS
Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the "scope" parameter to index.php. Solution: Update the plugin...
CVE-2012-5874
Multiple SQL injection vulnerabilities in the (1) updatewhosonlinereg and (2) updatewhosonlineguest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f)...
Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications source: http://www.securityfocus.com/bid/9944/info It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due to insufficient...
Server: XSS vulnerability in bookmarks
A cross-site scripting (XSS) vulnerability in ownCloud before 4.5.5 and 4.0.10 allows remote attackers to inject arbitrary web script or HTML via the PATH data to index.php in apps/bookmark/. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...
FOOT Gestion CMS SQL Injection
Product: FOOT Gestion Version: - Vendor: Winsoft Vendor site:http://www.footgestion.ch Status: fixed Level: High ========= Description ========= FOOT Gestion is a soccer team management CMS. The solution is based on a software and a CMS website. The website module is affected by a SQL injection...
Amoy Empire system admin back-end cookie spoofing vulnerability and getting a shell from the back end
Accidentally discovered that the admin back end of the free version of Amoy Empire is open to cookie spoofing. Tools: the Veteran's cookie spoofing tool. Keywords: classification - Mall - brand - woman - man - beauty - shoes and bags - digital - home - food. First open the tool the cookie to COOKIEadminuser=admin;...
Kleeja Upload Center Script CRLF Injection
Exploit Title : Kleeja Upload Center Script CRLF injection Author:Ashiyane Digital Security Team home: http://ashiyane.org/forums version:1.0.1 software link: www.Kleeja.com Date:Sunday - 2012 25 November Google Dork: intext:Kleeja © 2007-2012. All rights reserved Type: CRLF injection Tested...
CVE-2012-6047
CVE-2012-6047 is a CSRF vulnerability in X7 Chat
Directory traversal
Directory traversal vulnerability in Jstore (comjstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php...
SmartCMS (index.php, idx parameter) SQL Injection Vulnerability
Exploit for php platform in category web applications. SmartCMS = SQL Injection Vulnerability. Software : SmartMS Vendor : http://smartcms.nl/ Author : NoGe Contact :...
SmartCMS - index.php?idx SQL Injection
SmartCMS - index.php?idx SQL Injection. SmartCMS = SQL Injection Vulnerability. Software : SmartMS Vendor : http://smartcms.nl/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog :...
ApPHP MicroCMS SQL Injection Vulnerability
Exploit for php platform in category web applications...
WordPress Plugin Facebook Survey 1.0 - SQL Injection
WordPress Plugin Facebook Survey 1.0 - SQL Injection. Title: Wordpress Facebook Survey v1 - SQL Injection Vulnerability. Date: 2012-11-18. References: http://www.vulnerability-lab.com/getcontent.php?id=766 VL-ID: 766. Common Vulnerability Scoring System:...
91736cms 1.9.7 index.php SQL injection
No description provided by source...
CVE-2012-4532
Cross-site scripting (XSS) vulnerability in modules/modlanguages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party...
One Page Directory Multiple SQL/RFI Vulnerabilities
Exploit for php platform in category web applications / @exploit One Page Directory Multiple SQL/RFI Vulnerabilities @script EN-Title One Page Directory @script AR-Title برنامج وصلة @virsion 2.0 @author Cold Zero www.hackteach.org @copyright 25/10/2012 @script...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/admin/adminmoduleindex.php, or (3) modules/calendar/customisecalendartimes.php; login parameter to (4) index.ph...