Lucene search
K

7210 matches found

exploitpack
exploitpack
added 2007/06/06 12:0 a.m.25 views

Comicsense 0.2 - index.php?epi SQL Injection (2)

Comicsense 0.2 - index.php?epi SQL Injection 2 !/usr/bin/perl -w ComicSense 0.2 SQL Injection Exploit Discovered by: s0cratex Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Original Advisory: http://seclists.org/bugtraq/2007/Jun/0063.html http://milw0rm.com/exploits/4035...

Exploits0
Exploit DB
Exploit DB
added 2007/06/06 12:0 a.m.30 views

Comicsense 0.2 - 'index.php?epi' SQL Injection (2)

!/usr/bin/perl -w ComicSense 0.2 SQL Injection Exploit Discovered by: s0cratex Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Original Advisory: http://seclists.org/bugtraq/2007/Jun/0063.html http://milw0rm.com/exploits/4035 Vulnerable Code index.php: $sqlQuery = "SELECT...

7AI score
Exploits0
0day.today
0day.today
added 2007/06/05 12:0 a.m.33 views

Comicsense 0.2 (index.php epi) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= Comicsense 0.2 index.php epi Remote SQL Injection Vulnerability ================================================================= Comicsense SQL Injection Advisory/Exploit b...

7.1AI score
Exploits0
Prion
Prion
added 2007/06/04 5:30 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 catid or 2 year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225...

7.5CVSS8.8AI score0.02545EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2007/06/04 5:30 p.m.13 views

Design/Logic Flaw

PHP JackKnife PHPJK allows remote attackers to obtain sensitive information via 1 a request to index.php with an invalid value of the iParentUnq parameter, or a request to GDisplay.php with an invalid 2 iCategoryUnq or 3 sSort array parameter, which reveals the path in various error messages...

5CVSS6.8AI score0.02372EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/06/04 5:30 p.m.17 views

CVE-2007-3003

Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 catid or 2 year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225...

7.5CVSS8.2AI score0.01009EPSS
Exploits0References5
seebug.org
seebug.org
added 2007/06/04 12:0 a.m.57 views

MyBloggie Index.PHP SQL注入漏洞

MyBloggie是一款基于PHP的WEB应用程序。 MyBloggie不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Archives.PHPIndex.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 myBloggie myBloggie 2.1.6 myBloggie myBloggie 2.1.5 myBloggie myBloggie 2.1.4 myBloggie myBloggie 2.1.3 Beta myBloggie myBloggie 2.1.3...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/06/03 12:0 a.m.63 views

Linker index.php - Cross-Site Scripting Vulnerability

Linker index.php - Cross-Site Scripting Vulnerability Vulnerability: http://www.target.com/index.php?cat=3E223E3CScRiPt200a0d3Ealertdocument.cookie3B3C/script3E Vulnerable: All Versions Script : http://enproject.codelib.co.kr ----------------------------------------------- Credits : Vagrant Conta...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2007/06/02 12:0 a.m.11 views

Linker 2.0.4 - index.php Cross-Site Scripting

Linker 2.0.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24277/info Codelib Linker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

6.8AI score
Exploits0
NVD
NVD
added 2007/05/31 12:30 a.m.15 views

CVE-2007-2932

Cross-site scripting XSS vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action...

4.3CVSS5.7AI score0.0449EPSS
Exploits0References6
Prion
Prion
added 2007/05/31 12:30 a.m.12 views

Sql injection

SQL injection vulnerability in index.php in the Phil-a-Form comphilaform 1.2.0.0 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the formid parameter...

7.5CVSS9.1AI score0.01029EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2007/05/31 12:30 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action...

4.3CVSS6.1AI score0.0449EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2007/05/31 12:0 a.m.52 views

CVE-2007-2932

CVE-2007-2932 affects boastMachine (all versions) with a cross-site scripting (CWE-79) flaw in index.php, exploitable via the blog parameter in a content search action to execute arbitrary script in the user’s browser. Multiple connected sources (JVNDB/JVN, NVD entries, and CVE records) confirm t...

4.3CVSS5.7AI score0.0449EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/05/31 12:0 a.m.21 views

CVE-2007-2932

Cross-site scripting XSS vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action...

5.7AI score0.0449EPSS
Exploits0References6
CVE
CVE
added 2007/05/31 12:0 a.m.48 views

CVE-2007-2933

The CVE-2007-2933 entry describes an SQL injection in the Phil-a-Form (com_philaform) Joomla! component. Affected version: 1.2.0.0 and earlier. Vulnerable component is index.php where attacker-supplied form_id can be used to inject and execute arbitrary SQL commands remotely. Impact as stated: pa...

7.5CVSS8.4AI score0.01029EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2007/05/30 10:30 a.m.14 views

CVE-2007-2913

Cross-site scripting XSS vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

4.3CVSS5.7AI score0.01028EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/05/30 10:0 a.m.23 views

CVE-2007-2913

Cross-site scripting XSS vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

5.7AI score0.01028EPSS
Exploits0References4
CVE
CVE
added 2007/05/30 10:0 a.m.41 views

CVE-2007-2913

CVE-2007-2913: Cross-site scripting in ClonusWiki 0.5 (index.php) allows remote injection of arbitrary script/HTML via the query parameter. Exploitation/impact details beyond this are not specified in the provided documents; no remediation or patch/version information is given.

4.3CVSS5.7AI score0.01028EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2007/05/30 1:30 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Web Icerik Yonetim Sistemi WIYS 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page...

4.3CVSS6.2AI score0.01761EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2007/05/26 12:0 a.m.67 views

BoastMachine index.php Cross Site Scripting Vulnerability

Vulnerability: http://www.target.com/index.php?action=search&item=content&blog=3E223E3CScRiPt200a0d3Ealertdocument.cookie3B3C/ScRiPt3E Vulnerable: All Versions...

0.3AI score
Exploits0
Rows per page
Query Builder