7210 matches found
CVE-2007-5233
Affected product: Web Templates Management (1.3) — index.php SQL Injection vulnerability. Root cause: inadequate sanitization of user-supplied data before constructing SQL queries. Impact (as stated): attacker could compromise the application and access or modify data via the SQL injection vector...
DRBGuestbook Remote XSS Vulnerability
Oo Title: DRBGuestbook Remote XSS Vulnerability Download: http://www.hotscripts.com/jump.php?listingid=67702&jumptype=1 Author: Gokhan Contact: [email protected] | KAF KAF KAF SIN SIN SIN KAFSIN KAFSIN KAF Vuln Code: index.php XSS:...
Sql injection
SQL injection vulnerability in index.php in the MambAds commambads 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter...
CVE-2007-5177
CVE-2007-5177 describes an SQL injection in the MambAds (com_mambads) component for Mambo, affected in version 1.5 and earlier. The vulnerability is triggered via the caid parameter in index.php, allowing remote attackers to manipulate SQL commands. The connected documents also corroborate relate...
drbguestbook-xss.txt
Oo Title: DRBGuestbook Remote XSS Vulnerability Download: http://www.hotscripts.com/jump.php?listingid=67702&jumptype=1 Author: Gokhan Contact: [email protected] | KAF KAF KAF SIN SIN SIN KAFSIN KAFSIN KAF Vuln Code: index.php XSS: http://site/guestbook/index.php?action=alert"XSS"; Tum islam...
Segue CMS 1.8.4 - 'index.php' Remote File Inclusion
?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ????????????????????????????????????? ???????????????????????????????????????...
mambads-sql.txt
Mambads = 1.5 Sql Injection Autor:Sniper456 Contact:Sniper456atgmail.kom Greetss: PescaoDeth, Daemon21, Vampirin456, Shh-2, CodeBreak and the chilean People ; SQL: index.php?option=commambads&Itemid=0&func=detail&cacat=1&casb=1&caid=inyecta maricon Example:...
MD-Pro 1.0.76 - SQL Injection
!/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url = m/^?:http://./ $url = $1;...
MD-Pro 1.0.76 - 'index.php' Firefox ID SQL Injection
source: https://www.securityfocus.com/bid/25864/info MD-Pro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modi...
MD-Pro 1.0.76 - index.php Firefox ID SQL Injection
MD-Pro 1.0.76 - index.php Firefox ID SQL Injection source: https://www.securityfocus.com/bid/25864/info MD-Pro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
Mambo Component Mambads <= 1.5 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= Mambo Component Mambads = 1.5 Remote SQL Injection Vulnerability ================================================================= Mambads = 1.5 Sql Injection Autor:Sniper45...
Mambo Component Mambads 1.5 - SQL Injection
Mambo Component Mambads 1.5 - SQL Injection Mambads = 1.5 Sql Injection Autor:Sniper456 Contact:Sniper456atgmail.kom Greetss: PescaoDeth, Daemon21, Vampirin456, Shh-2, CodeBreak and the chilean People ; SQL: index.php?option=commambads&Itemid=0&func=detail&cacat=1&casb=1&caid=inyecta maricon...
CVE-2007-5131
CVE-2007-5131 affects Interspire ActiveKB NX 2.x. The vulnerability is a SQL injection in index.php when handling the browse action via the catId parameter, enabling remote execution of arbitrary SQL commands. Note that ActiveKB 1.5 is also reported to be affected. The linked references confirm t...
CVE-2007-5109
Cross-site request forgery CSRF vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified 1 regpass and 2 level parameters in a noneLogin action, as demonstrated by using...
Sql injection
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a playgame action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-5104
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a playgame action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-5104
The provided connected records describe SQL injection vulnerabilities in the bcoos package (versions 1.0.10 and earlier). For CVE-2007-5104, remote attackers can inject via the gid parameter to modules/arcade/index.php in a show_stats action. For CVE-2007-6266, similar issues allow injection via ...
ActiveKB KnowledgeBase 2.x - catId SQL Injection
ActiveKB KnowledgeBase 2.x - catId SQL Injection ActiveKB NX 2.? Powered by ActiveKB Knowledgebase Software index.php SQL Injection Discovered by Luna-Tic and XTErner 19 Years Ukrainian Hackers Vendor:www.interspire.com/activekb/ License:sharewere Exploit:/kb/index.php?ToDo=browse&catId=SQL CODE...
neuron-lfi.txt
\|/// \ - - // Y! Underground Group @ @ ----oOOo---oOOo-------------------------------------------------- Portal : Neuron News 1.0 Download : http://downloads.localhost.be/scripts/neuronnews.zip Author : Dj7xpl HomePage : http://r00t.ir / http://Dj7xpl.2600.ir Type : Local File Inclusion...
CVE-2007-5068
SQL injection vulnerability in index.php in phpFullAnnu PFA 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter...