MailForm 1.2 Remote File Inclusion

Exploit Title: MailForm Remote File Include Date: 14-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software Link: http://scripts.bdr130.net/files/any/MailForm.zip Version: v 1.2 Tested on: Windows XP CVE : هكر المسيب Contact: LoSt.HaCkEratyahoodotcom /0r/ [email protected]...

Free Simple Software 1.0 - Remote File Inclusion

Free Simple Software 1.0 - Remote File Inclusion Free Simple Software V1.0 By : Dr.$audi SauDi ViRuS TeaM By : http://Sa-ViRuS.CoM Email : [email protected] Dork: Powered by free simple software Greets : RENO , Dr.php , ! BaD BoY ! , Gov.HaCkEr , Mind , AnTi SeCuRe Script HomePage:...

CVE-2010-3027

An SQL injection in Tycoon Baseball Script 1.0.9 (index.php) allows remote execution via the game_id parameter in a game_player action. This is reported across multiple sources (NVD, Red Hat, CVE List, PRION) with base CVSS2 score 7.5 (HIGH). The connected documents do not provide a patch or work...

Edit-X CMS Cross Site Scripting

Vulnerability ID: HTB22542 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineditxcms.html Product: Edit-X CMS Vendor: Edit-X, Inc. http://www.edit-x.com/ Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions Vendor Notification: 27 July 2010 Vulnerability Type: XSS Cro...

MailForm 1.2 Remote File Include Vulnerability

Exploit for php platform in category web applications ============================================== MailForm 1.2 Remote File Include Vulnerability ============================================== Exploit Title: MailForm Remote File Include Date: 14-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software...

MailForm 1.2 - Remote File Inclusion

MailForm 1.2 - Remote File Inclusion Exploit Title: MailForm Remote File Include Date: 14-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software Link: http://scripts.bdr130.net/files/any/MailForm.zip Version: v 1.2 Tested on: Windows XP CVE : هكر المسيب Contact: LoSt.HaCkEratyahoodotcom /0r/ ...

Prado Portal 1.2.0 Cross Site Scripting

Vulnerability ID: HTB22515 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpradoportal.html Product: Prado Portal Vendor: Compudesign ApS http://www.pradoportal.dk/ Vulnerable Version: 1.2.0 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: XSS Cross...

SiteLoom CMS 21.07.2010 Cross Site Scripting

Vulnerability ID: HTB22516 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsiteloomcms.html Product: SiteLoom CMS Vendor: SiteLoom ApS http://www.siteloom.dk/ Vulnerable Version: Current at 21.07.2010 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: X...

Sql injection

SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...

sX-Shop - Multiple SQL Injections

sX-Shop - Multiple SQL Injections sX-Shop SQL Injection Vulnerabilities Author : CoBRa21 Author Web Page :http://ipbul.org Dork : "powered by sX-Shop" Script Page : http://www.source-worx.de/ Sql Injection : http://localhost/path/index.php?product=513' Sql http://localhost/path/question.php?id=-5...

sNews 'category' parameter SQLi Vulnerability

sNews is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:solucija:snews";...

Joomla Jigsaw Directory Traversal

============================================================================ = = = Author : Fl0riX = = = = Greez: Sakkure, Code Hunters Family & All CW = = = = Name: J oomla comjigsaw = = = = Bug Type: Directory Traversal = = == == == == == == == == == == == == == == == == == == == == == == == ==...

AdPeeps 'index.php' Multiple Vulnerabilities.

AdPeeps is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Area Galid (galid) SQL Injection Exploit (.py)

Exploit for php platform in category web applications ============================================== Area Galid galid SQL Injection Exploit .py ============================================== !/usr/bin/env python -- coding:utf-8 -- Area Galid galid SQL Injection Exploit .py Author LifeSteaLeR Foun...

CVE-2010-2926

SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter...

CVE-2010-2926

CVE-2010-2926 concerns a SQL injection in the sNews 1.7 system, specifically in the site’s index.php where the category parameter is unsafely used to construct SQL queries. The vulnerability allows remote attackers to inject arbitrary SQL commands, enabling potential data disclosure/modification....

CVE-2010-2912

CVE-2010-2912 describes an SQL injection in Kayako eSupport 3.70.02, exploitable via the _a parameter of a downloads action in index.php. The vulnerability could allow remote attackers to execute arbitrary SQL commands, with impact described as partial confidentiality, integrity, and availability...

CVE-2010-2911

CVE-2010-2911 affects Kayako eSupport 3.70.02. Affected component: index.php ; vulnerability: SQL injection via the newsid parameter in a viewnews action. Root cause: improper input handling leading to arbitrary SQL execution. Impact: data exposure/modification possible depending on DB privileges...

CVE-2009-4972

Cross-site scripting XSS vulnerability in index.php aka the log in page in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php aka the log in page in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter...