Lucene search
K

7210 matches found

securityvulns
securityvulns
added 2007/05/07 12:0 a.m.45 views

Kayako eSupport v3.00.90 Cross Site Scripting (XSS)

Script: Kayako eSupport Version: 3.00.90 Explored By: RedCasper United Arab HaCkers Proof: Path/index.php?m="scriptalert1;/script...

1.6AI score
Exploits0
seebug.org
seebug.org
added 2007/05/04 12:0 a.m.96 views

PHP Coupon Script 3.0 (index.php bus) Remote SQL Injection Vulnerability

No description provided by source. ============================================== PHP Coupon Script 3.0 Remote SQL Injection ============================================== Found: Cyber-Security.org ============================================== Script site: http://www.couponscript.com/...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/03 12:0 a.m.19 views

pnv4b-sql.txt

---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz For All Persian Bugtraq Members...

7.4AI score
Exploits0
Prion
Prion
added 2007/05/02 11:19 p.m.14 views

Sql injection

SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter...

7.5CVSS9.1AI score0.01822EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/05/02 11:19 p.m.13 views

CVE-2007-2470

Multiple cross-site scripting XSS vulnerabilities in index.php in FileRun 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 module, or 3 section parameter...

5.8CVSS5.8AI score0.01645EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/05/02 11:0 p.m.19 views

CVE-2007-2470

Multiple cross-site scripting XSS vulnerabilities in index.php in FileRun 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 module, or 3 section parameter...

5.8AI score0.01645EPSS
Exploits0References5
NVD
NVD
added 2007/05/02 12:19 a.m.23 views

CVE-2007-2423

Cross-site scripting XSS vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the do parameter in an AttachFile action, a different vulnerability than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are...

5.8CVSS5.3AI score0.03553EPSS
Exploits1References5
exploitpack
exploitpack
added 2007/05/02 12:0 a.m.16 views

PostNuke Module v4bJournal - SQL Injection

PostNuke Module v4bJournal - SQL Injection ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir...

0.4AI score
Exploits0
Cvelist
Cvelist
added 2007/05/02 12:0 a.m.17 views

CVE-2007-2430

shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...

6.9AI score0.03702EPSS
Exploits0References7
Prion
Prion
added 2007/04/30 11:19 p.m.15 views

Code injection

admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service loss of configuration data, and possibly perform direct static code injection, via a saveGlobalconfig...

10CVSS7.5AI score0.08036EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2007/04/30 11:19 p.m.17 views

CVE-2007-2370

SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings...

7.5CVSS8.3AI score0.02879EPSS
Exploits0References2
CVE
CVE
added 2007/04/30 11:0 p.m.44 views

CVE-2007-2370

CVE-2007-2370 : Concrete details across connected documents show a SQL injection in the XOOPS Jobs module (John Mordo Jobs) for XOOPS, affecting version 2.4 and earlier. The vulnerability resides in index.php (modules/jobs/index.php) where user input in the cid parameter of a jobsview action is n...

7.5CVSS8.3AI score0.02879EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2007/04/29 12:0 a.m.32 views

Sphider Version 1.2.x (include_dir) file include

Sphider Version 1.2.x includedir remote file include script Vendor: http://cs.ioc.ee/ando/sphider/ Discovered by: IbnuSina found on index.php $includedir = "./include"; --- no patch here $languagedir = "./languages"; include "$includedir/indexheader.inc"; include "$includedir/conf.php"; include...

1.5AI score
Exploits0
exploitpack
exploitpack
added 2007/04/26 12:0 a.m.9 views

PHPBandManager 0.8 - index.php?pg Remote File Inclusion

PHPBandManager 0.8 - index.php?pg Remote File Inclusion author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell...

0.6AI score
Exploits0
0day.today
0day.today
added 2007/04/26 12:0 a.m.15 views

phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== phpBandManager 0.8 index.php pg Remote File Inclusion Vulnerability ===================================================================== author:koray greetz:cigicigi.ne...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/26 12:0 a.m.40 views

PHPBandManager 0.8 - 'index.php?pg' Remote File Inclusion

author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell link? milw0rm.com 2007-04-26...

7AI score
Exploits0
Prion
Prion
added 2007/04/25 8:19 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php...

6.8CVSS6.1AI score0.01176EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/04/25 8:0 p.m.44 views

CVE-2007-2265

CVE-2007-2265 is an XSS vulnerability in YA Book 0.98-alpha, exploitable through the City field in a sign action in index.php. The available documents indicate remote script/HTML injection leading to partial confidentiality/integrity/availability impact as described by CVSS metrics, but no patch ...

6.8CVSS5.7AI score0.01176EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2007/04/24 12:0 a.m.44 views

Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit

!-- Ripe Website Manager = 0.8.4 - SQL Injection Vulnerability and Cross-Site Scripting Exploit Vulnerable Variable: ripeformpost Cross-Site Scripting and SQL Injection possible Vulnerable File: contact/index.php Vulnerable: Ripe Website Manager = 0.8.4 Google d0rk: "Powered by Ripe Website...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2007/04/20 12:0 a.m.57 views

Gizzar <= (basePath) Remote File Include Vulnerability

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Gizzar = basePath Remote File Include Vulnerability Download: http://mesh.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz Discover: BorN To K!LL =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Bug in: index.php code:...

0.2AI score
Exploits0
Rows per page
Query Builder