2DayBiz The Web Template Software - SQL Injection / Cross-Site Scripting

$------------------------------------------------------------------------------------------------------------------- $ 2daybiz - The Web Template Software SQL injection and XSS vulnerability $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.2daybiz.com/webtemplatesoftware.html ...

Piwik 0.5.5 Cross Site Scripting

Title: Piwik 0.5.5 Cross-Site Scripting Vulnerability Date: 3/29/2010 Author: garwga Software Link: http://piwik.org/ Version: 0.5.5 ================================================================= Piwik 0.5.5 Cross-Site Scripting Vulnerability...

Sun OpenSSO / Java System Access Manager Login Module User Account Enumeration Weakness

The remote host is running Sun OpenSSO, or Sun Java System Access Manager as it was previously known, an enterprise-class product that provides web access management, federation, and web services security. The version of the Login module included with Sun OpenSSO / Sun Java System Access Manager ...

Code injection

The login module in Sun Java System Access Manager 6 2005Q1 aka 6.3, 7 2005Q4 aka 7.0, and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

CVE-2009-0348

The login module in Sun Java System Access Manager 6 2005Q1 aka 6.3, 7 2005Q4 aka 7.0, and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

CVE-2009-0348

CVE-2009-0348 affects Sun Java System Access Manager: login module responsiveness difference during failed logins allows remote username enumeration. Versions implicated: 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1. The description does not specify an exploit or affected patch level beyond th...

MolyX 2.8.0（魔力论坛）注射漏洞

魔力论坛最新版本 2.8.0 在登陆模块存在缺陷,通过精心构造代码获取管理员密码hash //login.php switch $INPUT'do' case 'login': $this-dologin; break; case 'logout': $this-dologout; break; case 'autologin': $this-autologin;---该函数存在漏洞 break; default: $this-loginpage; break; …… function autologin global $forums, $DB, $bboptions,...

Sql injection

SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access CUA 4.04735.p4 allows remote attackers to execute arbitrary SQL commands via the user user name field...