CVE-2009-4564

SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/...

Cross site scripting

Cross-site scripting XSS vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2009-4551

SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaignid parameter in a results action to index.php...

CVE-2009-4552

Cross-site scripting XSS vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

Joomla Otzivi Blind SQL Injection

Joomla Component comotzivi Blind SQL Injection Vulnerability Author : Cyber945 Home : Ar-ge.Org Greetz : By.Danger,D3xer,LionTurk and All Ar-ge.Org Members Not3 : Ar-ge.Org Online Name : comotzivi Bug Type : Blind SQL Injection Infection : Adminin bilgileri alinabilir. Dork : :...

Cype CMS SQL Injection

Exploit Title: Cype Content Management System Remote SQL Injection Exploit Date: January 1st, 2010 Author: Sora Version: Revision 241 Tested on: Linux Backtrack 3 ----------------------------------------- Cype CMS Remote SQL Injection Exploit Author: Sora Contact: vhr95zw at hotmail dot com...

WordPress 1.5 index.php 跨站脚本攻击漏洞

No description provided by source...

Joomla Component com_cartweberp LFI Vulnerability

Exploit for unknown platform in category web applications ================================================= Joomla Component comcartweberp LFI Vulnerability ================================================= @email protected @=Script : Joomla Component comcartweberp @=Author : FL0RiX @=Bug Type :...

Joomla! Component com_cartweberp - Local File Inclusion

@=======================================@ @=Script : Joomla Component comcartweberp @=Author : FL0RiX @=Greez : Deep-Power ,KaCaK,Wretch-x & All Friends @=Bug Type : Local File InlusionLFI @=Dork : inurl:"comcartweberp" @=======================================@ @=Vuln :http://server/ Yol...

Cype CMS - SQL Injection

Cype CMS - SQL Injection Exploit Title: Cype Content Management System Remote SQL Injection Exploit Date: January 1st, 2010 Author: Sora Version: Revision 241 Tested on: Linux Backtrack 3 ----------------------------------------- Cype CMS Remote SQL Injection Exploit Author: Sora Contact: vhr95zw...

Cype CMS - SQL Injection

Exploit Title: Cype Content Management System Remote SQL Injection Exploit Date: January 1st, 2010 Author: Sora Version: Revision 241 Tested on: Linux Backtrack 3 ----------------------------------------- Cype CMS Remote SQL Injection Exploit Author: Sora Contact: vhr95zw at hotmail dot com...

CVE-2009-4512

Oscailt 3.3 is affected by a directory traversal vulnerability in index.php where, if Use Friendly URL’s is disabled, an attacker can cause local files to be included and executed by supplying a .. in the obj_id parameter. The NVD entry (CVE-2009-4512) describes this as a mixed impact issue with ...

CVE-2009-4523

CVE-2009-4523 is an XSS vulnerability in Zainu 1.0. The issue resides in index.php, vulnerable via the searchSongKeyword parameter in a SearchSong action, allowing remote injection of arbitrary script/HTML. The NVD entry assigns a CVSSv2 base score of 4.3 (medium) with network attack vector, requ...

CVE-2009-4460

Multiple cross-site scripting XSS vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 allow remote attackers to inject arbitrary web script or HTML via the rid parameter to 1 index.php, 2 faq.php, and 3 register.php...

CVE-2009-4460

Multiple cross-site scripting XSS vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 allow remote attackers to inject arbitrary web script or HTML via the rid parameter to 1 index.php, 2 faq.php, and 3 register.php...

Joomla Calendario Blind SQL Injection

Joomla Component comcalendario Blind SQL injection Vulnerability author : Mr.tro0oqy -- yemeni hacker email : [email protected] dork: inurl:index.php?option=comcalendario exp : http://www.target.com/index.php?option=comcalendario&task=detalhes&Itemid=88&id=297+and+1=1 true...

DBHCMS Web Content Management System 1.1.4 Remote File Inclusion

DBHCMS - Web Content Management System RFI Vulnerability http://www.drbenhur.com/ Author: Gamoscu Site: www.1923turk.biz https://gamoscu.wordpress.com/ Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO Hosgeldin medine bebek Allah anali babali buyutsun pasam Exploit: Vuln file...

Joomla 1.5.x Local File Inclusion

Joomla 1.5.x + Download: http://www.joomla.org/download.html + Bug: Local File inclusion in index.php file + Author: s4r4d0 + Mail: [email protected] + Team: Fatal Error + Poc: http://www.site.com/index.php?option=/../../../../../../../../../../../../etc/passwd%00 + Demo:...

phpbb 2.0.8 index.php 跨站脚本漏洞

No description provided by source...

Sql injection

SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action...