Joomla Reservations Cross Site Scripting

Exploit Title: Joomla Component Reservations XSS Vulnerability Date: 28th May 2010 Author: Valentin Category: webapps/0day Version: unknown Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title = Joomla...

CVE-2010-2096

Directory traversal vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the mod parameter...

CVE-2010-2096

CVE-2010-2096 is a directory traversal vulnerability in CMSQlite

toronja cms SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================= toronja cms SQL Injection Vulnerability ======================================= .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || toronja cms SQL...

Spaceacre - index.php SQL Injection HTML Cross-Site Scripting Injection

Spaceacre - index.php SQL Injection HTML Cross-Site Scripting Injection ------------------------------------------------------------------------------------------- Spaceacre index.php SQL/HTML/XSS Injection Vulnerability...

Spaceacre - '/index.php' SQL Injection / HTML / Cross-Site Scripting Injection

------------------------------------------------------------------------------------------- Spaceacre index.php SQL/HTML/XSS Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Script Home: http://www.spaceacre.com Do...

Sql injection

SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these details are obtained from third party information...

CVE-2010-2047

CVE-2010-2047 (JE CMS) : A SQL injection vulnerability exists in JE CMS versions 1.0.0 and 1.1 in index.php, exploitable via the categoryid parameter in a viewcategory action. This allows remote attackers to craft SQL payloads and potentially execute arbitrary SQL commands. The documents do not p...

CVE-2010-2036

Directory traversal vulnerability in the Percha Fields Attach comperchafieldsattach component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php...

CVE-2010-2041

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP-Calendar before 2.0 Beta7 allow remote attackers to inject arbitrary web script or HTML via the 1 description and 2 lastaction parameters...

CVE-2010-2038

Cross-site scripting XSS vulnerability in include/tool/editingfiles.php in gpEasy CMS 1.6.2 allows remote authenticated users, with Edit privileges, to inject arbitrary web script or HTML via the gpcontent parameter to index.php. NOTE: some of these details are obtained from third party informati...

CVE-2010-2041

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP-Calendar before 2.0 Beta7 allow remote attackers to inject arbitrary web script or HTML via the 1 description and 2 lastaction parameters...

Telia Web Design SQL Injection

------------------------------------------------------------------------------------------- Telia Web Design index.php SQL Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Mail: [email protected] Script Home:...

PHP Graphy 0.9.7 - index.php Remote Command Execution

PHP Graphy 0.9.7 - index.php Remote Command Execution ----------------------oOO------OOo----------------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Sn!pEr.S!Te // 2o1o |...

Telia Web Design (index.php) SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================================== Telia Web Design index.php SQL Injection Vulnerability ======================================================== Author: CoBRa21 Mail: email protected Script Home: http://www.telia.co.gr/...

PHP Graphy 0.9.7 - 'index.php' Remote Command Execution

----------------------oOO------OOo----------------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Sn!pEr.S!Te // 2o1o | ------------------------------------------------------------ Remote Command Execution Vulnerability...

Telia Web Design - 'index.php' SQL Injection

------------------------------------------------------------------------------------------- Telia Web Design index.php SQL Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Mail: [email protected] Script Home:...

Yupana 0.1rc1 Remote File Inclusion / Local File Inclusion

------------------------------------------------------------------------ yupana-0.1rc1 RFI/LFI vulnerability ------------------------------------------------------------------------ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ ...

Sql injection

SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATHINFO...

CVE-2010-1994

TomatoCMS is affected by a SQL injection in the /news/search handler. The vulnerability is triggered via the q parameter (e.g., q=) and creates injectable SQL in conjunction with the PATH_INFO /news/search. Affects TomatoCMS prior to 2.0.5; 2.0.5 fixes the issue, with the vulnerability reappearin...