7210 matches found
WAnewsletter 2.1.2 - SQL Injection
WAnewsletter 2.1.2 - SQL Injection ================================================ WAnewsletter v 2.1.2 SQL Injection Vulnerability ================================================ Exploit Title: WAnewsletter v 2.1.2 SQL Injection Vulnerabilitie Date: 23/09/2010 Author: BrOx-Dz Author:...
ibPhotohost 1.1.2 - SQL Injection
ibPhotohost 1.1.2 - SQL Injection + + Title: ibPhotohost 1.1.2 SQL Injection + Author: fred777 - fred777.5x.to + Link: http://mods.invisionize.com/index.php/f/7609 + Vuln: index.php?autocom=photohost&CODE=04&img=SQL Injection + Greetzz to: back2hack,free-hack,hackbase,c-c + Contact:...
CVE-2010-3455
Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inject arbitrary web script or HTML via the uri parameter...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in admin/managerusers.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests, as demonstrated by adding administrative users via the saveadmin action to admin/index.php...
CVE-2010-3455
CVE-2010-3455 is an XSS vulnerability in AChecker 1.0. The flaw resides in the code path for index.php where the uri parameter is insufficiently sanitized, allowing remote attackers to inject arbitrary HTML/JavaScript. Demonstrated payloads and exploitation details appear in multiple sources (e....
CVE-2010-3466
CVE-2010-3466: The vulnerability is a stored/reflected cross-site scripting issue in the NetArt Media iBoutique.MALL 1.2 hosted_signup module, specifically in index.php via the tmpl parameter. The XSS allows remote attackers to inject arbitrary HTML/JavaScript. The affected component is the host...
CVE-2010-3418
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) carid parameter to index.php and (2) y parameter to include/images.php...
Joomla Component com_read SQL Injection Vulnerability
Exploit for php platform in category web applications ===================================================== Joomla Component comread SQL Injection vulnerability ===================================================== + Exploit Title : Joomla Component read SQL injection vulnerability + Author :...
Directory traversal
Directory traversal vulnerability in the PicSell (compicsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Builder (WWB) 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the posttext parameter in a site customsearch action to index.php. NOTE: some of these details are obtained from third party information...
Global Event Source (index.php) Blind Sql Injection Vulnerability
Exploit for php platform in category web applications ================================================================= Global Event Source index.php Blind Sql Injection Vulnerability ================================================================= .:. Author : AtT4CKxT3rR0r1ST email protected ....
PHP Joke Site Software - sbjoke_id SQL Injection
PHP Joke Site Software - sbjokeid SQL Injection Title: PHP Joke Site Software sbjokeid SQL Injection Vuln Link: http://www.softbizscripts.com/jokes-script-features.php Author: BorN To K!LL - h4ck3r 3xploit:...
Web-Ideas Web Shop Standard - SQL Injection
Exploit Title: SQL injection in web-ideas web shop standard Date: 31.08.2010 Author: Ariko-Security Software Link: http://www.web-ideas.com.au/web-shopstandard Version: ALL Tested on: ALL CVE : n/a Ariko-Security: Security Audits , Audyt bezpieczeństwa Advisory: 728/2010 ============ Ariko-Securi...
GaleriaSHQIP 1.0 SQL Injection
Exploit Title: GaleriaSHQIP SQL Injection Vulnerability Date: 28.08.2010 Author: Valentin Category: webapps/0day Version: v1.0 full Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title = GaleriaSHQIP S...
Seagull v0.6.7 SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================== Seagull v0.6.7 SQL Injection Vulnerability ========================================== ...
Textpattern RFI Vulnerability
Exploit for php platform in category web applications ============================= Textpattern RFI Vulnerability ============================= Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email : email protected + Inj3ct0r...
textpattern CMS 4.2.0 - Remote File Inclusion
textpattern CMS 4.2.0 - Remote File Inclusion Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email :...
CVE-2009-4989
The CVE-2009-4989 entry concerns an XSS vulnerability in AJ Auction Pro OOPD 3.0, specifically in index.php where the txtkeyword parameter in a search action can be exploited to inject arbitrary web script/HTML. Affected component: index.php of AJ Auction Pro OOPD 3.0. Underlying cause: cross-sit...
Gazelle CMS - Multiple Vulnerabilities
Gazelle CMS - Multiple Vulnerabilities Exploit Title: AnantaGazelle Local File inclusion / Xss Vulnerabilities Date: 23/08/2010 Author: Sweet Contact : [email protected] Software Link: www.anantasoft.com Download:http://www.anantasoft.com/index.php?Gazelle%20CMS/Download Version: AnantaGazelle1...
Flex-Com (index.php) Blind SQL Injection Vulnerability
Exploit for php platform in category web applications ====================================================== Flex-Com index.php Blind SQL Injection Vulnerability ====================================================== ...