DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability

No description provided by source. DomPHP v0.81 Remote File Inclusion Vulnerability AUTHOR : H-T Team HouSSamix ToXiC350 HOME : http://no-hack.net Script : DomPHP Version : 0.81 Site : http://www.domphp.com Download : http://www.domphp.com/download/cat.php?idcat=1 Vulnerable CODE : /aides/index.p...

DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ DomPHP 0.81 index.php page Remote File Inclusion Vulnerability ================================================================ DomPHP v0.81 Remote File Inclusion Vulnerabili...

DomPHP 0.81 - 'index.php' Remote File Inclusion

DomPHP v0.81 Remote File Inclusion Vulnerability AUTHOR : H-T Team HouSSamix ToXiC350 HOME : http://no-hack.net Script : DomPHP Version : 0.81 Site : http://www.domphp.com Download : http://www.domphp.com/download/cat.php?idcat=1 Vulnerable CODE : /aides/index.php if isset$GET'page'...

Sql injection

SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page possibly profile.php...

CVE-2008-0186

Cross-site scripting XSS vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144...

CVE-2008-0186

CVE-2008-0186 is an XSS vulnerability in NetRisk 1.9.7 (and possibly earlier) affecting index.php. The issue allows remote attackers to inject arbitrary web script or HTML through the page parameter. The affected product is NetRisk; root cause is reflected/scriptable input via the page parameter ...

CVE-2008-0185

CVE-2008-0185 affects NetRisk 1.9.7 (and possibly earlier) and is caused by an SQL injection in index.php where the pid parameter in a profile page (profile.php) is not properly sanitized. This allows remote attackers to execute arbitrary SQL commands. The NVD entry documents a base score of 7.5 ...

CVE-2008-0184

CVE-2008-0184 affects Sys-Hotel on Line System. Affects the index.php file where an absolute path traversal can occur via an encoded slash (%2F) in the file parameter, enabling remote reading of arbitrary files. The NVD entry lists a Network attack vector with Low complexity and no authentication...

Sql injection

SQL injection vulnerability in index.php in EvilBoard 0.1a Alpha allows remote attackers to execute arbitrary SQL commands the c parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in EvilBoard 0.1a Alpha allows remote attackers to inject arbitrary web script or HTML via the c parameter...

Path traversal

Absolute path traversal vulnerability in index.php in Million Dollar Script 2.0.14 allows remote attackers to read arbitrary files via encoded "/" %2F sequences in the link parameter...

Sql injection

SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via 1 the useremail parameter and possibly 2 username parameter in a Members action...

CVE-2008-0155

Cross-site scripting XSS vulnerability in index.php in EvilBoard 0.1a Alpha allows remote attackers to inject arbitrary web script or HTML via the c parameter...

CVE-2008-0155

The CVE-2008-0155 entry concerns a Cross-site Scripting (XSS) vulnerability in EvilBoard 0.1a (Alpha). The affected component is index.php; the issue is triggered by the c parameter, allowing an attacker to inject arbitrary web script or HTML. Public references (NVD, CVE records) confirm the vuln...

SineCms 'index.php'远程文件包含漏洞

BUGTRAQ ID: 27156 CNCAN ID:CNCAN-2008010810 SineCms是一款基于PHP的WEB应用程序。 SineCms不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'index.php'脚本对用户提交的'sineconfigindexmain'参数缺少过滤，提交远程服务器上的任意文件作为包含对象，可导致以WEB权限执行任意PHP代码。 SineCms SineCms 2.3.5 SineCms SineCms 2.3.4 SineCms SineCms 2.3.2 SineCms SineCms 2.2...

CVE-2008-0147

CVE-2008-0147 affects SmallNuke versions up to 2.0.4 where magic_quotes_gpc is disabled. The SQL injection is triggered in index.php via the user_email parameter and possibly the username parameter in a Members action, allowing remote attackers to execute arbitrary SQL commands. This entry lists ...

CVE-2008-0159

SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie...

CVE-2008-0156

CVE-2008-0156: Absolute path traversal in Million Dollar Script 2.0.14 (index.php) lets remote attackers read arbitrary files via encoded '/' sequences in the link parameter. Affected: Million Dollar Script 2.0.14; root cause: improper handling of encoded path separators. Impact: read access to a...

sysHotel On Line Remote File Disclosure Vulnerability.

-------------------------------------------------------------- sysHotel On Line Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.syshotelonline.it/ author : p4imi0 contact : [email protected] exploit :...

syshotelonline-disclose.txt

-------------------------------------------------------------- sysHotel On Line Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.syshotelonline.it/ author : p4imi0 contact : [email protected] exploit :...