CVE-2008-0854

SQL injection vulnerability in the comsalesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php...

CVE-2008-0855

CVE-2008-0855 describes an SQL injection in the Facile Forms (com_facileforms) component for Joomla! and Mambo, exploitable via the catid parameter to index.php. The vulnerability, as documented by NVD, has a base score of 7.5 (HIGH) with network attack vector, no authentication, and partial impa...

CVE-2008-0841

SQL injection vulnerability in index.php in the Giorgio Nordo Ricette comricette 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0841

The CVE-2008-0841 entry concerns a SQL injection in Joomla! and Mambo’s com_ricette 1.0 (Giorgio Nordo Ricette) where the vulnerable component is index.php and the id parameter can be manipulated by an attacker to execute arbitrary SQL commands remotely. This is supported by the NVD description a...

CVE-2008-0846

CVE-2008-0846 is a SQL injection vulnerability in Joomla!’s com_profile component (index.php) that allows remote attackers to supply an oid parameter to execute arbitrary SQL commands. The description across multiple trusted sources confirms the same flaw and parameter. The NVD entry lists the af...

CVE-2008-0844

CVE-2008-0844 is a SQL injection vulnerability in the Joomla! PccookBook (com_pccookbook) component. The flaw affects index.php and allows remote attackers to execute arbitrary SQL commands via the user_id parameter. The issue is documented with a high-severity CVSS v2 base score (7.5, HIGH) and ...

CVE-2008-0833

CVE-2008-0833 describes an SQL injection in Joomla!'s com_galeria component, specifically in index.php during a detail action where the id parameter can be exploited to run arbitrary SQL commands. The vulnerability allows remote attackers to execute arbitrary SQL, potentially impacting data integ...

joomla SQL Injection(com_detail)

joomla SQL Injectioncomdetail AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl :"comdetail" DORK 2 : allinurl: EXPLOIT :...

joomladetail-sql.txt

joomla SQL Injectioncomdetail AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comdetail DORK 2 : allinurl: EXPLOIT :...

joomlagenealogy-sql.txt

joomla SQL Injectioncomgenealogy AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl :"comgenealogy" DORK 2 : allinurl: EXPLOIT :...

xoopsseminars-sql.txt

XOOPS Module seminars SQL Injection AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl :"modules/seminars/index.php?op=show" DORK 2 : allinurl: EXPLOIT :...

joomlateam-sql.txt

joomla SQL Injectioncomteam AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl :"comteam" DORK 2 : allinurl: EXPLOIT : index.php?option=comteam&gid=-1//union//select//1,2,3,password,5,6,7,8,9,10,username,12,13//from//josusers/ S@B...

joomlageoboerse-sql.txt

joomla SQL Injectioncomgeoboerse AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl :"comgeoboerse" DORK 2 : allinurl: EXPLOIT :...

Joomla Component com_hwdvideoshare SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== Joomla Component comhwdvideoshare SQL Injection Vulnerability ============================================================== joomla SQL Injectioncomhwdvideoshare+Powered by...

joomlamag-sql.txt

joomla SQL Injectioncommagazine AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl :"commagazine"pageid= DORK 2 : allinurl: EXPLOIT :...

CVE-2008-0819

Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...

CVE-2008-0822

CVE-2008-0822 affects Scribe 0.2: a directory traversal in index.php via the page parameter (".."), enabling read of arbitrary local files. Root cause is insufficient input validation. Impact is local confidentiality exposure (PARTIAL). CVSS v2 base score 3.6 (LOW) with LOCAL access and no authen...

PT-2008-2438 · Etomite · Etomite

Name of the Vulnerable Software and Affected Versions: Etomite version 0.6.1.4 Final Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. The issue is disputed by the vendor, who claims the affected variable is $ SERVER'PHP SELF' and states...

joomlasched-sql.txt

joomla SQL Injection comscheduling AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comscheduling DORK 2 : allinurl: EXPLOIT :...

banpro-lfi.txt

banpro-dms 1.0 local file inclusion vulnerability download http://sourceforge.net/projects/banprodms author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/DMS/index.php?action=../../../../../../../../../../etc/passwd%00...