CVE-2009-3802

Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname "%%%" to admin/index.php, which reveals the installation path and other information in an error message...

CVE-2009-3788

SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser aka Username parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

CVE-2009-3755

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

FreeSchool 1.1.0 xss

No description provided by source. | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = FREESCHOOL 1.1.0 XSS FUCK SCHOOL!!! | | "keyword...

FreeSchool <= 1.1.0 xss

Exploit for unknown platform in category web applications ======================= FreeSchool = 1.1.0 xss ======================= | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |'...

AdaptBB <= 1.0 xss

Exploit for unknown platform in category web applications ================== AdaptBB = 1.0 xss ================== | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' '--''--''--' =...

AdaptBB 1.0 Cross Site Scripting

| D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = ADAPTBB 1.0 XSS | | "q" PARMETER IN INDEX.PHP @...

FreeSchool 1.1.0 Cross Site Scripting

| D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = FREESCHOOL 1.1.0 XSS FUCK SCHOOL!!! | | "keywords" PARMETER IN INDEX.PHP @...

Zainu <= 1.0 xss

Exploit for unknown platform in category web applications ================ Zainu = 1.0 xss ================ | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' PREBEN OG CARSTEN SAY | "WE GAVE U FUCKING VULNS | || || || NOW GIVE US FUCKING BEERS!!!!!!! | || || |'...

AdaptBB 1.0 xss

No description provided by source. | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = ADAPTBB 1.0 XSS | | "q" PARMETER IN INDEX.PHP @...

Redcat Media SQL Injection

x==========================================x | AntiSecuritydotorg | x==========================================x x==========================================x | Title : redcat media inurl:index.php?contentId= SQL Injection Vulnerability | Vendor : http://www.redcatmedia.co.uk/ | Date : 2 oktober...

Sql injection

Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the 1 i parameter or 2 v parameters in a register action...

CVE-2009-3665

Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the 1 i parameter or 2 v parameters in a register action...

CVE-2009-3667

CVE-2009-3667 affects AdsDX 3.05. A SQL injection in admin/index.php via the Username parameter allows remote attackers to execute arbitrary SQL commands. Root cause: insufficient input validation/escaping enabling injection. Impact per sources: attacker could potentially access/modify data (part...

QuickCart 3.x xss xsrf Local File Inclusion Directory Traversal

No description provided by source. DISCOVERED: Paweł 'kl3ryk' Łaskarzewski GREETZ: hawk, pin3ska, black ant, qwert666, ua and gacmaan DIRECTORY TRAVERSAL http://victim.com/?p=ONE OF THE EXISITING FILES-EXISITING ACTION IN THIS FILE- Most of actions load templates form bad directory and then thr...

QuickCart 3.x xss xsrf Local File Inclusion Directory Traversal

No description provided by source. DISCOVERED: Paweł 'kl3ryk' Łaskarzewski GREETZ: hawk, pin3ska, black ant, qwert666, ua and gacmaan DIRECTORY TRAVERSAL http://victim.com/?p=ONE OF THE EXISITING FILES-EXISITING ACTION IN THIS FILE- Most of actions load templates form bad directory and then thr...

cP Creator 'tickets' Cookie SQL Injection Vulnerability

The host is running cP Creator and is prone to SQL Injection Vulnerability OpenVAS Vulnerability Test $Id: gbcpcreatorsqlinjvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ cP Creator 'tickets' Cookie SQL Injection Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH...

cP Creator 'tickets' Cookie SQL Injection Vulnerability

cP Creator is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Directory traversal

Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the page parameter...