Lucene search
K

7210 matches found

securityvulns
securityvulns
added 2007/04/05 12:0 a.m.356 views

PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln

-------------------------------- PHP-FUSION Arcade Module cid Remote SQL Injection Vuln -------------------------------- Bulan: xoron xoron.biz -------------------------------- Exploit: index.php?op=viewgamelist&cid=-1//union//select//null,username,userpassword,null,null,null//from//fusionusers/...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/04/05 12:0 a.m.41 views

Remote File Include In Script stat12

By Hasadya Raed Contact : [email protected] Israel --------------------------- Script : stat12 Download Script : http://www.samphp.com Dork : Copyright c 2004 by Sam Tang Greetz : Yonatan --------------------------- B.File : index.php --------------------------- Expl :...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2007/04/03 12:0 a.m.46 views

Malaika System MyAds Xoops模块Index.php SQL注入漏洞

Malaika System MyAds是一款基于PHP的WEB应用程序。 Malaika System MyAds不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'Index.PHP'脚本对用户提交的'cid'参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 Malaika System MyAds 2.04jp 目前没有解决方案提供: http://malaika.s31.xrea.com/ !/usr/bin/perl Script Name: Xoops Module MyAds Bug Fix ...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/04/03 12:0 a.m.50 views

2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= 2BGal 3.1.1 = admin/index.php Remote File Include Vulnerability Script: 2BGal Version: 3.1.1 Download: http://www.ben3w.com/multimedia/2bgal.zip Discover: BorN To K!LL =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Bug in:...

1.2AI score
Exploits0
CVE
CVE
added 2007/04/02 11:0 p.m.48 views

CVE-2007-1811

The vulnerability described as CVE-2007-1811 affects the Tiny Event module for XOOPS (version 1.01 and earlier). It is a SQL injection in index.php where the id parameter used by the show action allows remote attackers to execute arbitrary SQL commands. This is the confirmed root cause: improper ...

7.5CVSS8.2AI score0.01029EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2007/04/02 12:0 a.m.26 views

slaed-rfi.txt

By Hasadya Raed Contact : [email protected] Israel ----------------------------------------------- Script : SLAEDCMS2 Dork : "Web site engine code is Copyright © 2006 by SLAED CMS. All rights reserved" ----------------------------------------------- B.Files : admin.php index.php...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/04/02 12:0 a.m.26 views

PHP-Fusion Module topliste 1.0 - cid SQL Injection

PHP-Fusion Module topliste 1.0 - cid SQL Injection -------------------------------- PHP-FUSION topliste Module cid Remote SQL Injection Vuln -------------------------------- Bulan: xoron - unique xoron.biz -------------------------------- Exploit:...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2007/04/02 12:0 a.m.65 views

Xoops Module Lykos Reviews 1.00 (index.php) SQL Injection Exploit

No description provided by source. html head titleXOOPS Module Lykos Reviews 1.00 index.php BLIND SQL Injection Exploit/title script type="text/javascript" //'=============================================================================================== //'Script Name: XOOPS Module Lykos Reviews...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/04/01 12:0 a.m.112 views

Remot File Include In SLAED_CMS_2

By Hasadya Raed Contact : [email protected] Israel ----------------------------------------------- Script : SLAEDCMS2 Dork : "Web site engine code is Copyright © 2006 by SLAED CMS. All rights reserved" ----------------------------------------------- B.Files : admin.php index.php...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2007/03/31 12:0 a.m.40 views

XOOPS Module Lykos Reviews 1.00 - index.php SQL Injection

XOOPS Module Lykos Reviews 1.00 - index.php SQL Injection XOOPS Module Lykos Reviews 1.00 index.php BLIND SQL Injection Exploit //'=============================================================================================== //'Script Name: XOOPS Module Lykos Reviews 1.00 index.php BLIND SQL...

0.5AI score
Exploits0
CVE
CVE
added 2007/03/30 1:0 a.m.48 views

CVE-2007-1776

The vulnerability CVE-2007-1776 affects the DesignForJoomla.com D4J eZine (com_ezine) Joomla! extension (version 2.8 and earlier). The root cause is an SQL injection in index.php that allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action. The connect...

6.8CVSS8.3AI score0.01125EPSS
Exploits0References6Affected Software1
seebug.org
seebug.org
added 2007/03/29 12:0 a.m.11 views

Joomla! D4JeZine组件index.php SQL注入漏洞

Joomla! D4JeZine是一款基于PHP的WEB应用程序。 Joomla! D4JeZine不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'Index.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 DesignForJoomla D4J eZine 2.8 目前没有解决方案提供: http://designforjoomla.com/joomlaextensions/d4jezine.php html head titleJoomla Component...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/29 12:0 a.m.34 views

XOOPS Module MyAds Bug Fix 2.04jp - index.php SQL Injection

XOOPS Module MyAds Bug Fix 2.04jp - index.php SQL Injection !/usr/bin/perl Script Name: Xoops Module MyAds Bug Fix : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/29 12:0 a.m.56 views

XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection

!/usr/bin/perl Script Name: Xoops Module MyAds Bug Fix : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2007/03/28 10:0 a.m.20 views

CVE-2007-1729

SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbblangid COOKIE parameter to index.php...

8.3AI score0.01258EPSS
Exploits0References6
Prion
Prion
added 2007/03/27 9:19 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in CcCounter 2.0 allows remote attackers to inject arbitrary web script or HTML via dir parameter...

6.8CVSS6.1AI score0.02092EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2007/03/27 9:0 p.m.40 views

CVE-2007-1714

CcCounter 2.0 contains a cross-site scripting (XSS) vulnerability in index.php through the dir parameter. The issue arises from insufficient input handling of dir, enabling remote attackers to inject arbitrary scripts/HTML that may be executed in a user’s browser. Impact is partial confidentialit...

6.8CVSS5.7AI score0.02092EPSS
Exploits1References7Affected Software1
Packet Storm
Packet Storm
added 2007/03/27 12:0 a.m.22 views

ccc20-xss.txt

--------------------------------------- Title : CcCounter 2.0 cross-site scripting vulnerability Found By : CrackersChild Contact : localexploitdothotmaildotcom Dork : CcCounter 2.0 Statistics Exploit :...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/03/26 12:0 a.m.19 views

Net-Side.net CMS (index.php cms) Remote File Inclusion Vulnerability

No description provided by source. I see your future and your future is death. Sharingan ! -------------------------------------------------------------------------------------------------------------- Hi I'm sharingan and this is my vuln : script name : Net Side Content Management System 2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/26 12:0 a.m.41 views

Joomla Component Car Manager <= 1.1 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: Joomla Component Car Manager = 1.1 Blind SQL Injection Exploit Coded by : ajann Author : ajann Dork : "index.php?option=comresman" Contact : : S.Page : http://www.webformatique.net $$ : .39.99 .. : ajann,Turkey use IO::Socket; if@ARGV...

7.1AI score
Exploits0
Rows per page
Query Builder