Softplace CMS SQL Injection

Softplace CMS Remote SQL Injection Vulnerability Software : Softplace Date : 1/23/2012 Vendor : http://softplace.it Commercial Dork : intext:"Powered by Softplace" Author : ITTIHACK Home : http://ittihack.com Vulnerable File : index.php | indexint.php Exploit : http://site/path/index.php?pag=SQLi...

Joomla Boss Component LFI Vulnerability (Jan 2012) - Active Check

Joomla Boss component is prone to local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla XBall SQL Injection

Exploit Title : Joomla Component comxball SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com My Team : Lojistik ALLSTAR cyber-warrior.org Google Dork : inurl:index.php?option=comxball Status : High-Risk SQL Vulnerability...

Tribiq CMS - index.php SQL Injection

Tribiq CMS - index.php SQL Injection source: https://www.securityfocus.com/bid/51614/info Tribiq CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

CVE-2012-0905

SQL injection vulnerability in deV!L'z Clanportal DZCP Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php...

Sql injection

SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal DZCP 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php...

CVE-2012-0906

SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal DZCP 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php...

CVE-2012-0905

CVE-2012-0905 : SQL injection vulnerability in the deV!L'z Clanportal (DZCP) Gamebase addon. The issue allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php. Affected component is the gamebase addon for DZCP; root cause is improper hand...

PHPDomainRegister 0.4a-RC2-dev Cross Site Scripting / SQL Injection

Title = PHPDomainRegister v0.4a-RC2-dev = SQL AuthSQL InjectXSS Author = Or4nG.M4n Download = http://garr.dl.sourceforge.net/project/phpdr/v0.4b%20-%20RC2.rar This Bug Powered By : GooGLe Thnks : +----------------------------------+ | xSs m4n i-Hmx Cyber-Crystal | | Dr.Bnned ahwak2000 sa^Dev!L |...

PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities

PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities Title = PHPDomainRegister v0.4a-RC2-dev = SQL AuthSQL InjectXSS Author = Or4nG.M4n Download = http://garr.dl.sourceforge.net/project/phpdr/v0.4b%20-%20RC2.rar This Bug Powered By : GooGLe Thnks : +----------------------------------+ | xSs...

WordPress Plugin wp-autoyoutube - Blind SQL Injection

WordPress Plugin wp-autoyoutube - Blind SQL Injection Exploit Title: WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability Date: 2012-11-01 Author: longrifle0x software: Wordpress Download:http://wordpress.org/extend/plugins/wp-autoyoutube/ Tools: SQLMAP DESCRIPTION Discovered a...

WordPress Plugin wp-autoyoutube - Blind SQL Injection

Exploit Title: WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability Date: 2012-11-01 Author: longrifle0x software: Wordpress Download:http://wordpress.org/extend/plugins/wp-autoyoutube/ Tools: SQLMAP DESCRIPTION Discovered a vulnerability in wp-autoyoutube, Wordpress Plugin,...

Pragyan CMS 3.0 Remote File Disclosure

Title Pragyan CMS v 3.0 = Remote File Disclosure Author Or4nG.M4n Download http://space.dl.sourceforge.net/project/pragyan/pragyan/3.0/PragyanCMS-v3.0-beta.tar.bz2 vuln download.lib.php line 16 vuln index.php line 234 $GET'fileget' exploit...

Pragyan CMS v 3.0 Remote File Disclosure

Exploit for php platform in category web applications Title Pragyan CMS v 3.0 = Remote File Disclosure Author Or4nG.M4n Download http://space.dl.sourceforge.net/project/pragyan/pragyan/3.0/PragyanCMS-v3.0-beta.tar.bz2 vuln download.lib.php line 16 vuln index.php line 234 $GET'fileget' exploit...

Pragyan CMS 3.0 - Remote File Disclosure

Title Pragyan CMS v 3.0 = Remote File Disclosure Author Or4nG.M4n Download http://space.dl.sourceforge.net/project/pragyan/pragyan/3.0/PragyanCMS-v3.0-beta.tar.bz2 vuln download.lib.php line 16 vuln index.php line 234 $GET'fileget' exploit...

Joomla Simple File Upload Module Remote Code Execution Vulnerability

This host is running Joomla Simple File Upload Module and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlasimplefileuploadcodeexecvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ Joomla Simple File Upload Module Remote Code Execution Vulnerability Authors: Madhur...

Cross site scripting

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

SourceForge Local File Inclusion

Exploit Title: SourceForge.Net LGames LFI Vulnerability / 0DAY Date: 31/12/2011 - 17.38 Author: 3spi0n Platform: Php Vulnerable File - " index.php?project= " $ Vulnerability ; Lgames.sourceforge.net/index.php?project=../../../.././../etc/passwd%00LFI Vulnerability Dar bi Koridor Benimki, Kendimi...

PHPCMS 9 index.php 本地文件包含漏洞

phpcms/modules/search/index.php 代码如下： public function publicgetsuggestkeyword $url = $GET'url'.'&q='.$GET'q'; $res = @filegetcontents$url; ifCHARSET != 'gbk' $res = iconv'gbk', CHARSET, $res; echo $res;...