Lucene search
K

7210 matches found

Exploit DB
Exploit DB
added 2007/03/19 12:0 a.m.35 views

ScriptMagix Lyrics 2.0 - 'index.php?recid' SQL Injection

!/usr/bin/perl Script Name: ScriptMagix Lyrics : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/03/18 12:0 a.m.54 views

ScriptMagix Recipes <= 2.0 (index.php catid) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================== ScriptMagix Recipes : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit;...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/18 12:0 a.m.18 views

ScriptMagix FAQ Builder 2.0 - index.php SQL Injection

ScriptMagix FAQ Builder 2.0 - index.php SQL Injection !/usr/bin/perl Script Name: ScriptMagix FAQ Builder : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/18 12:0 a.m.39 views

ScriptMagix Jokes 2.0 - &#039;index.php?catid&#039; SQL Injection

!/usr/bin/perl Script Name: ScriptMagix Jokes : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/03/17 12:0 a.m.55 views

WebLog &#40;index.php file&#41; Remote File Disclosure Vulnerability

.-""""""""-. / Dj7xpl | | |, .-. .-. ,| | o/ o | |/ / | @ ^^ |IIIIII|/ @8@8|-IIIIII/-| / / @ +Iranian Are The Best In World+ Portal : weblog Download : http://www.holtstraeter.com/cybercheffe/pages/websoft.php?action=websoftpagefive Author : Dj7xpl | Dj7xp...

0.3AI score
Exploits0
Prion
Prion
added 2007/03/16 9:19 p.m.14 views

Sql injection

SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the eid parameter in a viewentry cmd...

7.5CVSS9AI score0.02207EPSS
Exploits0References5
Prion
Prion
added 2007/03/16 9:19 p.m.13 views

Directory traversal

Directory traversal vulnerability in index.php in Sascha Schroeder aka CyberTeddy or Cyber-inside WebLog allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a showarticles action...

5CVSS7.2AI score0.0344EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/03/16 9:0 p.m.24 views

CVE-2007-1481

SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the eid parameter in a viewentry cmd...

8.3AI score0.02207EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/03/16 9:0 p.m.14 views

CVE-2007-1477

Directory traversal vulnerability in index.php in PHP Point Of Sale for osCommerce 1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the cfglanguage parameter. NOTE: this issue has been disputed by CVE, since the cfglanguage variable is configured upon...

7.2AI score0.01471EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/03/16 9:0 p.m.19 views

CVE-2007-1487

Directory traversal vulnerability in index.php in Sascha Schroeder aka CyberTeddy or Cyber-inside WebLog allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a showarticles action...

6.7AI score0.0344EPSS
Exploits0References6
CVE
CVE
added 2007/03/16 9:0 p.m.48 views

CVE-2007-1482

Summary: CVE-2007-1482 is an XSS vulnerability in WBBlog’s index.php, exploited via the e_id parameter in a viewentry cmd. Affected component: WBBlog, index.php. The underlying issue is a Cross-site scripting flaw that allows remote attackers to inject arbitrary web script or HTML. Impact (as sta...

4.3CVSS5.7AI score0.01573EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/03/16 9:0 p.m.62 views

CVE-2007-1487

Directory traversal in Sascha Schroeder (CyberT Teddy) WebLog: index.php showsArticles action vulnerable to reading arbitrary files via .. in the file parameter. Root cause is improper input handling allowing path traversal. Impact stated as read access to arbitrary files; no exploit specifics or...

5CVSS6.7AI score0.0344EPSS
Exploits0References6Affected Software3
CVE
CVE
added 2007/03/16 9:0 p.m.46 views

CVE-2007-1481

CVE-2007-1481 describes an SQL injection in the WBBlog application. The vulnerability resides in index.php, where an attacker can manipulate the e_id parameter in a viewentry command to execute arbitrary SQL. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH), with network attack vector and n...

7.5CVSS8.3AI score0.02207EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2007/03/15 12:0 a.m.19 views

ZomPlog <= 3.7.6 Local File Inclusion Vulnerabilty (win32)

No description provided by source. Made by Bl0od3r tech-bl0od3r.blogspot.com use IO::Socket; use Switch; $port = "80"; $target = @ARGV0; $folder = @ARGV1; @paths= "../../../../../var/log/httpd/accesslog", "../../../../../var/log/httpd/errorlog", "../apache/logs/error.log",...

7.1AI score
Exploits0
NVD
NVD
added 2007/03/12 11:19 p.m.14 views

CVE-2007-1417

SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a komm aktion...

7.5CVSS8.3AI score0.01241EPSS
Exploits1References7
Cvelist
Cvelist
added 2007/03/12 11:0 p.m.20 views

CVE-2007-1417

SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a komm aktion...

8.3AI score0.01241EPSS
Exploits1References7
seebug.org
seebug.org
added 2007/03/11 12:0 a.m.17 views

SonicMailer Pro &lt;= 3.2.3 (index.php) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: SonicMailer Pro = 3.2.3 index.php Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.triexa.com $$ : Standart License 89$ .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/11 12:0 a.m.31 views

SonicMailer Pro 3.2.3 - &#039;index.php&#039; SQL Injection

!/usr/bin/perl Script Name: SonicMailer Pro : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

7.4AI score
Exploits0
OSV
OSV
added 2007/03/10 10:19 p.m.2 views

DEBIAN-CVE-2007-1395

Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting XSS attacks by injecting arbitrary JavaScript or HTML in a 1 db or 2 table parameter value followed by an uppercase end tag, which bypasses the protection...

4.3CVSS5.7AI score0.0142EPSS
Exploits1References1
CVE
CVE
added 2007/03/10 10:0 p.m.78 views

CVE-2007-1395

CVE-2007-1395 is an incomplete blacklist XSS vulnerability in phpMyAdmin 2.8.0–2.9.2, present in index.php where a (1) db or (2) table parameter value can inject arbitrary JavaScript/HTML, followed by an uppercase tag, bypassing lowercase filters. Multiple connected sources confirm this issue a...

4.3CVSS5.3AI score0.0142EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder