Lucene search
K

263 matches found

Cvelist
Cvelist
added 2008/12/30 8:0 p.m.19 views

CVE-2008-5762

Simple Text-File Login Script SiTeFiLo 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slogusers.txt...

6.5AI score0.02615EPSS
Exploits0References4
seebug.org
seebug.org
added 2008/12/15 12:0 a.m.25 views

Simple Text-File Login script 1.0.6 (DD/RFI) Multiple Vulnerabilities

No description provided by source. START 0x01 Informations: Script : Simple Text-File Login script 1.0.6 Download : http://www.hotscripts.com/jump.php?listingid=36777&jumptype=1 Vulnerability : Remote File Inclusion / Sensitive Data Disclosure Author : Osirys Contact : osirysatlivedotit Notes :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/14 12:0 a.m.431 views

Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion

START 0x01 Informations: Script : Simple Text-File Login script 1.0.6 Download : http://www.hotscripts.com/jump.php?listingid=36777&jumptype=1 Vulnerability : Remote File Inclusion / Sensitive Data Disclosure Author : Osirys Contact : osirysatlivedotit Notes : Proud to be Italian Greets: : XaDoS,...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/08/11 12:0 a.m.34 views

RTH login.php uname Parameter SQL Injection

The remote host is running RTH, a web-based software testing framework written in PHP. The version of RTH installed on the remote host fails to sanitize input to the 'uname' array parameter of the 'login.php' script before using it in a database query. Provided PHP's 'magicquotesgpc' setting is...

5.9AI score
Exploits0References2
seebug.org
seebug.org
added 2008/01/07 12:0 a.m.100 views

Uebimiau Web-Mail 2.7.10/2.7.2 Remote File Disclosure Vulnerability

No description provided by source. ---- Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /...

7.1AI score
Exploits0
Prion
Prion
added 2007/12/31 8:46 p.m.13 views

Sql injection

SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script...

7.5CVSS9.1AI score0.01276EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2007/12/31 8:0 p.m.20 views

CVE-2007-6602

SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script...

8.4AI score0.01276EPSS
Exploits1References7
securityvulns
securityvulns
added 2007/08/14 12:0 a.m.48 views

PHPCentral Login Script Remote Command Execution Vulnerability

PHPCentral Login Script Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : PHPCentral Login Script Version : 1.0 Site : http://www.phpcentral.org/scripts.php Founder : Rizgar Contact : [email protected] and irc.gigachat.net...

2.2AI score
Exploits0
Prion
Prion
added 2007/07/31 10:17 a.m.13 views

Sql injection

SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter...

6.8CVSS9.1AI score0.0107EPSS
Exploits0References6
CVE
CVE
added 2007/07/31 10:0 a.m.47 views

CVE-2007-4111

CVE-2007-4111 affects the login script of a Real Estate listing website application template, where the Password parameter is vulnerable to SQL injection due to improper input handling. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Password field, potentially...

6.8CVSS8.3AI score0.0107EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/07/31 10:0 a.m.19 views

CVE-2007-4111

SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter...

8.3AI score0.0107EPSS
Exploits0References6
NVD
NVD
added 2007/02/06 5:28 p.m.10 views

CVE-2007-0784

SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection aka RBL - ASP allows remote attackers to execute arbitrary SQL commands via the 1 User and 2 Password parameters...

7.5CVSS8.4AI score0.01706EPSS
Exploits1References5
securityvulns
securityvulns
added 2006/08/02 12:0 a.m.47 views

Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01]

Title: Barracuda Hardcoded Password Vulnerability Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair [email protected] Discovered on: 28 May 2006 Overview: Barracuda Sp...

0.6AI score
Exploits0
OSV
OSV
added 2005/12/22 11:3 a.m.3 views

DEBIAN-CVE-2005-4494

Cross-site scripting XSS vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 spiplogin.php3 and 2 spippass.php3...

2.6CVSS6AI score0.01353EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/09/27 12:0 a.m.67 views

WEBppliance ocw_login_username Parameter XSS

The remote host is running WEBppliance, a web hosting control panel for Windows and Linux from Ensim. The installed version of WEBppliance is prone to cross-site scripting attacks because it fails to sanitize user-supplied input to the 'ocwloginusername' parameter of the login script before using...

4.3CVSS5.3AI score0.01164EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2005/06/01 12:0 a.m.17 views

Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection

source: https://www.securityfocus.com/bid/13836/info livingmailing is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script. livingmailing 1.3 is reported vulnerable. The following proof of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/03/17 12:0 a.m.38 views

phorum503.txt

Vendor : Phorum URL : http://www.phorum.org Version : Phorum 5.0.3 Beta && Earlier Risk : Cross Site Scripting Description: Phorum is a web based message board written in PHP. Phorum is designed with high-availability and visitor ease of use in mind. Features such as mailing list integration, eas...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/03/13 12:0 a.m.19 views

Cpanel 9.1.0 have a problem ?

Hi all I found another problem in login script http://www.xxx.com:2082/login/?user=|"id"| it same the first it give ROOT & u can use "+" or "20" without any problem : ! lool look @ this: / sh: /var/cpanel/users/: is a directory sh: uid=0root gid=0root...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/12 12:0 a.m.49 views

cPanel 5/6/7/8/9 - Login Script Remote Command Execution

source: https://www.securityfocus.com/bid/9855/info A potential remote command execution vulnerability has been discovered in the cPanel application. This issue occurs due to insufficient sanitization of externally supplied data to the login script. An attacker may exploit this problem by craftin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/12 12:0 a.m.26 views

Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/9861/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out cross-site scripting attacks and disclose the path to the victim's home directory. The issues are reported to exist in the login script,...

7.4AI score
Exploits0
Rows per page
Query Builder