CVE-2008-2351

Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the 1 langid and 2 menuid parameters...

CVE-2008-2356

The CVE-2008-2356 entry concerns an SQL injection in index.php of Archangel Weblog 0.90.02 and earlier, exploitable via the post_id parameter to allow remote execution of arbitrary SQL commands. Affected software is Archangel Weblog (version 0.90.02 and earlier); the underlying vulnerability is i...

MX-System 2.7.3 - index.php SQL Injection

MX-System 2.7.3 - index.php SQL Injection Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC :...

ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ====================================================================== ComicShout 2.5 index.php comicid Remote SQL Injection Vulnerability ====================================================================== Exploit:...

MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability =================================================================== Name : MX-System 2.7.3 index.php page...

MX-System 2.7.3 - 'index.php' SQL Injection

Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC : http://target/path/index.php?page=-1+union+select+1,2,3,4,5,concatwschar58,version,user,now/...

CVE-2008-2340

Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 lang parameter to a advsearch.php, b archive.php, and c index.php, and the 2 pid parameter to d listtagitems.php...

Sql injection

SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549...

CVE-2008-2340

CVE-2008-2340 affects News Manager 2.0 with multiple SQL injection vulnerabilities. Remote attackers can exploit the (1) lang parameter in advsearch.php, archive.php, and index.php, and the (2) pid parameter in list_tagitems.php to execute arbitrary SQL commands. The entry is documented with a hi...

microssys CMS 1.5 - Remote File Inclusion

microSSys CMS = 1.5 Remote File Inclusion Vulnerability Software site: http://wajox.com/ =============================================================== By Raz0r www.Raz0r.name =============================================================== Vulnerable code index.php@22-25,54-55: 22...

WR-Meeting 1.0 (msnum) Local File Disclosure Vulnerability

No description provided by source. | By Cr@zyKing / [email protected] \ ^| GrtZ : TheKacak - CrackersChild - Rmx - TRip - Eno7 - DreamTurk - KnocKout - TheBekir and str0ke \ ^| WR-Meeting v1.0 FI \ ^| Down : http://www.wr-script.ru/ \ ^| Demo : http://www.wr-script.ru/meeting/ ^| Info :...

GNUGallery 1.1.1.0 - admin.php Local File Inclusion

GNUGallery 1.1.1.0 - admin.php Local File Inclusion --==+================================================================================+==-- --==+ GNU/Gallery Vulnerability: http://site.com/admin.php?show=../../../../../../../etc/passwd NOTE/TIP: fair amount of sites running, althou no good dor...

GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== GNU/Gallery Vulnerability: http://site.com/admin.php?show=../../../../../../../etc/passwd NOTE/TIP: fair amount of sites running, althou no good dork. 0day.today 2018-04...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the 1 mainpagedirectory and 2 pagetoinclude parameters in template\index.php...

CVE-2008-2264

Cross-site scripting XSS vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inject arbitrary web script or HTML via the msgerreur parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-2280

CVE-2008-2280 describes a cross-site scripting (XSS) vulnerability in admin/index.php of Script PHP PicEngine 1.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the l parameter. The description notes the information provenance as third-party. The provided do...

CVE-2008-2264

The CVE-2008-2264 entry concerns an XSS vulnerability in CyrixMED 1.4, triggered in index.php via the msg_erreur parameter. Affected component: index.php function handling user-supplied input. Underlying cause is a lack of proper input sanitization sufficient to prevent HTML/script injection. Imp...

CVE-2008-2264

Cross-site scripting XSS vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inject arbitrary web script or HTML via the msgerreur parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

sunshop-blindsql.txt

!/usr/bin/perl -w use LWP::UserAgent; scripts : SunShop Version 3.5.1 Remote Blind Sql Injection scripts site : http://www.turnkeywebtools.com/sunshop/ Discovered By : irvian site : http://irvian.cn email : [email protected] print "\r\n+-----------------------------------------+\r\n"; print...

CVE-2008-2225

SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter...