Remote file inclusion

PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote attackers to execute arbitrary PHP code via a URL in the skinfile parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 show parameter to index.php and the 2 print parameter to print.php. NOTE: the provenance of this information is unknown; the...

CVE-2007-6142

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 show parameter to index.php and the 2 print parameter to print.php. NOTE: the provenance of this information is unknown; the...

CVE-2007-6136

Multiple cross-site scripting XSS vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the 1 title, 2 intro, and 3 question parameters, and 4 unspecified answer parameters, in a createnew action. NOTE: some of the...

Sql injection

SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information...

CVE-2007-6137

SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information...

CVE-2007-6142

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 show parameter to index.php and the 2 print parameter to print.php. NOTE: the provenance of this information is unknown; the...

mp3toolbox-rfi.txt

+By CrackersChild+ Script.......: Mp3 ToolBox 1.0 beta 5 Download.....: http://www.radiotoolbox.com/downloads/mp3toolbox/mp3toolboxbeta-5.zip Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote File İnclude Vulnerability Dork.........:...

project alumni 1.0.9 (index.php act) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================= project alumni 1.0.9 index.php act Local File Inclusion Vulnerability ======================================================================= project alumni 1.0.9 remo...

project alumni 1.0.9 (index.php act) Local File Inclusion Vulnerability

No description provided by source. project alumni 1.0.9 remote file disclosure vulnerability download : https://sourceforge.net/projects/project-alumni/ vulnerable code on index.php include$SERVER'DOCUMENTROOT' . "/pages/" . $GET'act' . ".page.inc.php"; exploit :...

project alumni 1.0.9 - 'index.php?act' Local File Inclusion

project alumni 1.0.9 remote file disclosure vulnerability download : https://sourceforge.net/projects/project-alumni/ vulnerable code on index.php include$SERVER'DOCUMENTROOT' . "/pages/" . $GET'act' . ".page.inc.php"; exploit : http://victim/path/index.php?act=../../../../../../etc/passwd%00...

Sql injection

Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to 1 view.page.inc.php, which is reachable through a view action to index.php; or 2 the year parameter to news.page.inc.php, which is reachabl...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to 1 xml/index.php; or 2 the year parameter to view.page.inc.php, which is reachable through a view action to the top-level...

meBiblio-rfi.txt

meBiblio 0.4.5 RFI --------------------- Author : ShAy6oOoN --------------------- Group : PitBull Crew --------------------- Script : meBiblio 0.4.5 --------------------- Download : http://downloads.sourceforge.net/mebiblio/meBiblio-0.4.5.tar.gz?modtime=1195237984&bigmirror=0 --------------------...

projectalumni-sqlxss.txt

project-alumni sql injection & xss author : tomplixsee [email protected] -------------------------------------------------------------------------- affected software version : project alumni 1.0.9, 1.0.8, or lower?? download : https://sourceforge.net/projects/project-alumni/ vulnerability...

project alumni 1.0.9 - Cross-Site Scripting / SQL Injection

project-alumni sql injection & xss author : tomplixsee [email protected] ------------------------------------------------------------------------------------------------------------- affected software version : project alumni v1.0.9, v1.0.8, or lower?? download :...

VigileCMS <= 1.8 Stealth Remote Command Execution Exploit

Opencosmo Security http://www.opencosmo.com http://www.opencosmo.com/news.php?readmore=15 VigileCMS = 1.8 Stealth Remote Command Execution Exploit Crediti: The:Paradox Applicazione: VigileCMS Versione: 1.8 Impatto: Remote Command Execution Rischio: 3/5 Exploit: !/usr/bin/python -- coding:...

VigileCMS <= 1.8 Stealth Remote Command Execution Exploit

No description provided by source. !/usr/bin/python -- coding: iso-8859-15 -- ''' | || | | | | | ' / -||| ' / | '/ / / \ \ / ||||||| ./,|| ,,/\ || ------------------------------------------------------------------------------------------------ This is a Public Exploit. 22/10/2007...

CVE-2007-6087

Cross-site request forgery CSRF vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the 1 vedipm or 2 livechat module...