7210 matches found
Kayako eSupport v3.00.90 Cross Site Scripting (XSS)
Script: Kayako eSupport Version: 3.00.90 Explored By: RedCasper United Arab HaCkers Proof: Path/index.php?m="scriptalert1;/script...
PHP Coupon Script 3.0 (index.php bus) Remote SQL Injection Vulnerability
No description provided by source. ============================================== PHP Coupon Script 3.0 Remote SQL Injection ============================================== Found: Cyber-Security.org ============================================== Script site: http://www.couponscript.com/...
pnv4b-sql.txt
---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz For All Persian Bugtraq Members...
Sql injection
SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter...
CVE-2007-2470
Multiple cross-site scripting XSS vulnerabilities in index.php in FileRun 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 module, or 3 section parameter...
CVE-2007-2470
Multiple cross-site scripting XSS vulnerabilities in index.php in FileRun 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 module, or 3 section parameter...
CVE-2007-2423
Cross-site scripting XSS vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the do parameter in an AttachFile action, a different vulnerability than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are...
PostNuke Module v4bJournal - SQL Injection
PostNuke Module v4bJournal - SQL Injection ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir...
CVE-2007-2430
shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...
Code injection
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service loss of configuration data, and possibly perform direct static code injection, via a saveGlobalconfig...
CVE-2007-2370
SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings...
CVE-2007-2370
CVE-2007-2370 : Concrete details across connected documents show a SQL injection in the XOOPS Jobs module (John Mordo Jobs) for XOOPS, affecting version 2.4 and earlier. The vulnerability resides in index.php (modules/jobs/index.php) where user input in the cid parameter of a jobsview action is n...
Sphider Version 1.2.x (include_dir) file include
Sphider Version 1.2.x includedir remote file include script Vendor: http://cs.ioc.ee/ando/sphider/ Discovered by: IbnuSina found on index.php $includedir = "./include"; --- no patch here $languagedir = "./languages"; include "$includedir/indexheader.inc"; include "$includedir/conf.php"; include...
PHPBandManager 0.8 - index.php?pg Remote File Inclusion
PHPBandManager 0.8 - index.php?pg Remote File Inclusion author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell...
phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ===================================================================== phpBandManager 0.8 index.php pg Remote File Inclusion Vulnerability ===================================================================== author:koray greetz:cigicigi.ne...
PHPBandManager 0.8 - 'index.php?pg' Remote File Inclusion
author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell link? milw0rm.com 2007-04-26...
Cross site scripting
Cross-site scripting XSS vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php...
CVE-2007-2265
CVE-2007-2265 is an XSS vulnerability in YA Book 0.98-alpha, exploitable through the City field in a sign action in index.php. The available documents indicate remote script/HTML injection leading to partial confidentiality/integrity/availability impact as described by CVSS metrics, but no patch ...
Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit
!-- Ripe Website Manager = 0.8.4 - SQL Injection Vulnerability and Cross-Site Scripting Exploit Vulnerable Variable: ripeformpost Cross-Site Scripting and SQL Injection possible Vulnerable File: contact/index.php Vulnerable: Ripe Website Manager = 0.8.4 Google d0rk: "Powered by Ripe Website...
Gizzar <= (basePath) Remote File Include Vulnerability
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Gizzar = basePath Remote File Include Vulnerability Download: http://mesh.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz Discover: BorN To K!LL =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Bug in: index.php code:...