Uebimiau Web-Mail 2.7.10/2.7.2 Remote File Disclosure Vulnerability

No description provided by source. ---- Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /...

Sql injection

SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script...

CVE-2007-6602

SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script...

PHPCentral Login Script Remote Command Execution Vulnerability

PHPCentral Login Script Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : PHPCentral Login Script Version : 1.0 Site : http://www.phpcentral.org/scripts.php Founder : Rizgar Contact : [email protected] and irc.gigachat.net...

Sql injection

SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter...

CVE-2007-4111

CVE-2007-4111 affects the login script of a Real Estate listing website application template, where the Password parameter is vulnerable to SQL injection due to improper input handling. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Password field, potentially...

CVE-2007-4111

SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter...

CVE-2007-0784

SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection aka RBL - ASP allows remote attackers to execute arbitrary SQL commands via the 1 User and 2 Password parameters...

Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01]

Title: Barracuda Hardcoded Password Vulnerability Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair [email protected] Discovered on: 28 May 2006 Overview: Barracuda Sp...

DEBIAN-CVE-2005-4494

Cross-site scripting XSS vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 spiplogin.php3 and 2 spippass.php3...

WEBppliance ocw_login_username Parameter XSS

The remote host is running WEBppliance, a web hosting control panel for Windows and Linux from Ensim. The installed version of WEBppliance is prone to cross-site scripting attacks because it fails to sanitize user-supplied input to the 'ocwloginusername' parameter of the login script before using...

Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection

source: https://www.securityfocus.com/bid/13836/info livingmailing is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script. livingmailing 1.3 is reported vulnerable. The following proof of...

phorum503.txt

Vendor : Phorum URL : http://www.phorum.org Version : Phorum 5.0.3 Beta && Earlier Risk : Cross Site Scripting Description: Phorum is a web based message board written in PHP. Phorum is designed with high-availability and visitor ease of use in mind. Features such as mailing list integration, eas...

Cpanel 9.1.0 have a problem ?

Hi all I found another problem in login script http://www.xxx.com:2082/login/?user=|"id"| it same the first it give ROOT & u can use "+" or "20" without any problem : ! lool look @ this: / sh: /var/cpanel/users/: is a directory sh: uid=0root gid=0root...

cPanel 5/6/7/8/9 - Login Script Remote Command Execution

source: https://www.securityfocus.com/bid/9855/info A potential remote command execution vulnerability has been discovered in the cPanel application. This issue occurs due to insufficient sanitization of externally supplied data to the login script. An attacker may exploit this problem by craftin...

Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/9861/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out cross-site scripting attacks and disclose the path to the victim's home directory. The issues are reported to exist in the login script,...

Emumail EMU Webmail 5.2.7 - nit.emu Information Disclosure

source: https://www.securityfocus.com/bid/9861/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out cross-site scripting attacks and disclose the path to the victim's home directory. The issues are reported to exist in the login script,...

Admin Access Vulnerability in Community Wizard

Admin Access Vulnerability in Community Wizard Affected Systems: Community Wizard version: 5.1 and possibly earlier versions Vendor: http://www.sepcity.com , http://www.commwiz.com Issue: gain admin access Released: 18 September 2003 Introduction: ============= "Community Wizard allows anyone to...

BlackBoard 5.0 - Cross-Site Scripting

BlackBoard 5.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5137/info Blackboard is reportedly prone to cross-site scripting attacks. This issue was reported to be in the login.pl script. The vulnerable script fails to sanitize HTML tags from CGI parameters. Attackers may...