Unfixed XSS vulnerability at www.phrozen.biz

Security researcher Michael Ansel, has submitted on 22/04/2008 a cross-site-scripting XSS vulnerability affecting www.phrozen.biz, which at the time of submission ranked 7618089 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/04/2008. It is...

WordPress <= 2.3.3 'index.php' Arbitrary File Access

Binary data 4482.prm...

AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ AllMyGuests = 0.4.1 AMGid Remote SQL Injection Vulnerability ================================================================ Found by : -=Player=- Greatz to: LidlosesAuge,...

AllMyGuests 0.4.1 - &#039;AMG_id&#039; SQL Injection

Found by : -=Player=- Contacts : 282-246-419 ICQ Greatz to: LidlosesAuge, Suicide, enco, Free-Hack Script : AllMyGuests Site : http://www.php-resource.net/ Dork : "powered by AllMyGuests" Valnu : index.php Parameter: AMGid Injection:...

Sql injection

SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...

Sql injection

SQL injection vulnerability in index.php in Terong PHP Photo Gallery aka Advanced Web Photo Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the photoid parameter...

CVE-2008-1875

Terong PHP Photo Gallery (Advanced Web Photo Gallery) 1.0 has an SQL injection in index.php via the photo_id parameter, enabling remote execution of arbitrary SQL commands. Affected component: index.php in Terong PHP Photo Gallery; root cause: unsafely constructed SQL query parameter. Impact: par...

Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability

No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Classifieds Caffe index.php catid Remote SQL Injection +==-- --==+====================================================================================+==-- + JosS ...

Classifieds Caffe &#40;index.php cat_id&#41; Remote SQL Injection

--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Classifieds Caffe index.php catid Remote SQL Injection +==-- --==+====================================================================================+==-- + JosS + Spanish Hackers Team + Sys -...

CVE-2008-1838

SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the joomlaXplorer comjoomlaxplorer Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a showerror action to index.php...

CVE-2008-1849

CVE-2008-1849 affects the joomlaXplorer (com_joomlaxplorer) component for Mambo/Joomla! up to version 1.6.2 and earlier. The vulnerability is a directory traversal in index.php, where a .. in the dir parameter of a show_error action can cause listing of arbitrary directories. This is a remote (ne...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 text and 2 ul parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2008-1787

Multiple cross-site scripting XSS vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 text and 2 ul parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2008-1800

Multiple cross-site scripting XSS vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the 1 choice, 2 page, 3 zoneadmin, 4 generalsearch, and 5 import parameters. NOTE: the provenance of this information is unknown; the details are...

CVE-2008-1800

Multiple cross-site scripting XSS vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the 1 choice, 2 page, 3 zoneadmin, 4 generalsearch, and 5 import parameters. NOTE: the provenance of this information is unknown; the details are...

CVE-2008-1787

Poplar Gedcom Viewer 2.0 is affected by multiple XSS in index.php via the (1) text and (2) ul parameters. The issue is documented across multiple sources (NVD entry CVE-2008-1787 and related records) and does not provide exploitation details in the connected documents. CVSS metrics from NVD indic...

CVE-2008-1800

CVE-2008-1800 affects DivXDB 2002 0.94b: multiple XSS in index.php exploited through (1) choice, (2) page , (3) zone_admin, (4) general_search, (5) import parameters. Attacker-supplied input can inject arbitrary script/HTML. According to NVD, base score 4.3 (Medium) with network attack vector and...

classifiedscaffe-sql.txt

--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Classifieds Caffe index.php catid Remote SQL Injection +==-- --==+====================================================================================+==-- + JosS + Spanish Hackers Team + Sys -...

Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ Classifieds Caffe index.php catid SQL Injection Vulnerability ================================================================ + Info: Software: Classifieds Caffe Exploit:...