eXV2 Module WebChat 1.60 - roomid SQL Injection

eXV2 Module WebChat 1.60 - roomid SQL Injection Powered by eXV2 WebChat 1.60 SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] DORKS 1 : allinurl :"modules/WebChat" EXPLOIT 1 :...

exv2webchat-sql.txt

Powered by eXV2 WebChat 1.60 SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORKS 1 : allinurl :"modules/WebChat" EXPLOIT 1 :...

CVE-2008-1324

CVE-2008-1324 affects Travelsized CMS 0.4.1. The vulnerability is a directory-traversal flaw in index.php allowing remote attackers to include and execute arbitrary local files via a .. in the page_id and language parameters. This is supported by the NVD description and related entries that refer...

CVE-2008-1323

Cross-site request forgery CSRF vulnerability in index.php in WoltLab Burning Board Lite wBB 2 Beta 1 allows remote attackers to delete threads as other users via the ThreadDelete action...

CVE-2008-1313

Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 postid, 2 postcategoryid, 3 postyearmonth, and 4 staticpageid parameters; and unspecified other vectors...

CVE-2008-1313

CVE-2008-1313 involves SQL injection vulnerabilities in Bloo 1.00 and earlier, triggered through parameters (post_id, post_category_id, post_year_month, static_page_id) and other vectors in index.php. Remote attackers could execute arbitrary SQL commands. The vulnerability is documented with a CV...

EasyGallery <= 5.0tr Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ==================================================== EasyGallery "alert"JosS + Cross Site Scripting: Vuln File: index.php Exploit: http://localhost/PATH/staticpages/easygallery/index.php?help=about&q=XSS Example: %22+onmouseover=alert"JosS...

yapblog-rfi.txt

Description: Yap Blog 1.1 Remote File Include RFI Script Name: Yap Blog 1.1 Author : THEMILLER contact : themilleratlinuxmail.org Download URL : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Bug Type: Remote File Inclusion Bug In: index.php Vulnerable Code: if isset$GET'page' include...

Joomla Component ProductShowcase <= 1.5 SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Joomla Component ProductShowcase = 1.5 SQL Injection Vulnerability =================================================================== Joomla Component comproductshowcase...

Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= Joomla Component Candle 1.0 cID SQL Injection Vulnerability ============================================================= JOOMLA comcandle SQL Injectioncid DORK 1 :...

Sql injection

SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the modprojectid parameter in a projectdetail action...

CVE-2008-1164

SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the modprojectid parameter in a projectdetail action...

Sql injection

SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action...

CVE-2008-1165

Multiple cross-site scripting XSS vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote attackers to inject arbitrary web script or HTML via 1 a forced SQL error message or 2 oldvalue and newvalue database fields in task summaries, related to the itemsummary parameter in a details action...

CVE-2008-1128

CVE-2008-1128 involves a PHP remote file inclusion in the PHPMyTourney 2 package, specifically in tourney/index.php. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a crafted value in the page parameter, leading to remote code execution via a network-accessible end...

CVE-2008-1121

SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the sessionvars cookie...

Koobi CMS 4.3.0 - 4.2.3 &#40;categ&#41; Remote SQL Injection Vulnerability

JosS + Spanish Hackers Team + Sys - Project + Info: Software: Koobi CMS 4.3.0 - 4.2.3 HomePage: http://www.dream4.de/ Exploit: Remote SQL Injection High Where: index.php Bug Found By: Jose Luis Gуngora Fernбndez | JosS Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com +...

phpComasy 0.8 (mod_project_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= phpComasy 0.8 modprojectid Remote SQL Injection Vulnerability ================================================================= By email protectedKing phpComasy 0.8...

CVE-2008-0385

SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with 1 statprt/js/request or 2 dyn/js/request in the PATHINFO...

CVE-2008-0385

Urulu 2.1 contains a SQL injection in the connectionId parameter of index.php via PATH_INFO (statprt/js/request or dyn/js/request). The vulnerability allows remote attackers to extract data from the database, with potential for arbitrary code execution if the database user has FILE privileges (e....