Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Joomla Component comclasifier catid SQL Injection Vulnerability =================================================================== joomla SQL Injectioncomclasifier DORK 1...

CVE-2008-0802

CVE-2008-0802 describes a SQL injection in Joomla!’s MediaSlide component, specifically in the com_mediaslide 0.5 version, where the vulnerability is triggered via the albumnum parameter in a contact action. The underlying issue is an unsafely constructed SQL query that allows remote attackers to...

CVE-2008-0801

The CVE-2008-0801 entry describes an SQL injection in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo/Joomla!, exploitable remotely via (1) iid in a view action and possibly (2) userid parameter. Affected software is PAXXGallery 0.2 for Mambo/Joomla!; root cause is improper sanitization...

joomla "com_omnirealestate" S@L Injection

AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ dork 2= allinurl: "comomnirealestate" index.php?option=comomnirealestate&Itemid=0&func=showObject&info=contact&objid=-9999//union//select//username,password//from//mosusers/&results=S@BUN...

CVE-2008-0783

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...

CVE-2008-0785

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the 1 graphlist parameter to graphview.php, 2 leafid and id parameters to tree.php, 3 localgraphid parameter to graphxport.php, and 4...

Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= Scribe = 0.2 index.php page Local File Inclusion Vulnerability ================================================================= scribe 0.2 local file inclusion vulnerabilit...

Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability

No description provided by source. joomla SQL Injectioncomxfaq AUTHOR : S@BUN HOME : http://www.hackturkiye.com http://www.milw0rm.com/author/1334 MA陌L : [email protected] [email protected] DORK 1 : allinurl: aid "comxfaq" DORK 2 : allinurl: "comxfaq" EXPLOIT :...

Scribe 0.2 - &#039;index.php&#039; Local File Inclusion

scribe 0.2 local file inclusion vulnerability download http://sourceforge.net/projects/scribe/ author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00 milw0rm.com 2008-02-14...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in MercuryBoard 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter aka the message text area, which leads to an injection in the messenger during private message PM preview. NOTE: some of these details...

CVE-2008-0765

Multiple cross-site scripting XSS vulnerabilities in artmedic webdesign weblog allow remote attackers to inject arbitrary web script or HTML via the 1 date parameter to artmedicprint.php and the 2 jahrneu parameter to index.php...

Sql injection

SQL injection vulnerability in index.php in the comiomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action...

CVE-2008-0757

The CVE-2008-0757 entry documents a Cross-site Scripting (XSS) vulnerability in MercuryBoard 1.1.5, specifically in index.php where the message parameter (the message text area) can be exploited to inject arbitrary web script or HTML. The issue can lead to an injection during Private Message (PM)...

CVE-2008-0762

CVE-2008-0762 is a SQL injection vulnerability affecting Joomla! in the com_iomezun component (index.php) where the id parameter in an edit action can be tampered to execute arbitrary SQL commands. The NVD entry reports a CVSS v2 base score of 7.5 (HIGH) with network attack vector and low complex...

CVE-2008-0749

CVE-2008-0749 is a Cross-site Scripting (XSS) vulnerability in Calimero.CMS 3.3, exploitable via the id parameter in the calimero_webpage action of index.php. The NVD entry states the vulnerability can allow an attacker to inject arbitrary script/HTML, with the impact on confidentiality: none, in...

Joomla! Component xfaq 1.2 - aid SQL Injection

Joomla! Component xfaq 1.2 - aid SQL Injection joomla SQL Injectioncomxfaq AUTHOR : S@BUN HOME : http://www.hackturkiye.com http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] [email protected] DORK 1 : allinurl: aid "comxfaq" DORK 2 : allinurl: "comxfaq" EXPLOIT ...

CVE-2008-0733

SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page...

Joomla! Component xfaq 1.2 - &#039;aid&#039; SQL Injection

joomla SQL Injectioncomxfaq AUTHOR : S@BUN HOME : http://www.hackturkiye.com http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] [email protected] DORK 1 : allinurl: aid "comxfaq" DORK 2 : allinurl: "comxfaq" EXPLOIT :...

Sql injection

SQL injection vulnerability in index.php in the Sermon comsermon 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter...

Sql injection

SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action...