Lucene search
K

3750 matches found

0day.today
0day.today
added 2010/04/14 12:0 a.m.52 views

Magic Uploader Mini Upload Vulnerability

Exploit for php platform in category web applications ======================================== Magic Uploader Mini Upload Vulnerability ======================================== ======================================================================================== | Title : Magic Uploader Mini...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2010/04/13 12:0 a.m.5 views

PT-2010-3056 · Xt:Commerce · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the coID parameter in the Direct URL module, specifically in the bluegate seo.inc.php file, when magic quotes gpc...

6.8CVSS7.7AI score0.01109EPSS
Exploits0References5
Prion
Prion
added 2010/04/08 4:30 p.m.9 views

Directory traversal

Directory traversal vulnerability in the Magic Updater comjoomlaupdater component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...

5CVSS7.2AI score0.10158EPSS
Exploits2References6Affected Software1
CVE
CVE
added 2010/04/08 4:0 p.m.88 views

CVE-2010-1307

Nuclei templates confirm a Local File Inclusion in Joomla! via the Magic Updater (com_joomlaupdater). The vulnerability arises from a directory traversal in the index.php controller parameter, allowing remote attackers to read arbitrary files. Affected component: Joomla! Magic Updater (com_joomla...

5CVSS6.8AI score0.10158EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2010/04/08 4:0 p.m.17 views

CVE-2010-1307

Directory traversal vulnerability in the Magic Updater comjoomlaupdater component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...

6.6AI score0.10158EPSS
Exploits2References6
Prion
Prion
added 2010/04/07 6:30 p.m.10 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 DefineRootToTool parameter to counter.php, 2 PathToRoot parameter to...

5.1CVSS8.2AI score0.1073EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2010/04/06 3:30 p.m.19 views

CVE-2010-1268

Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS7.2AI score0.02297EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2010/04/06 12:0 a.m.27 views

Joomla Magic Updater Local File Inclusion

================================================================================================ Title : Joomla Magic Updater comjoomlaupdater LFI Vulnerability Date : Monday, 05 April 2010 Indonesia Author : Vrs-hCk Contact : anderatantisecurity.org Blog : http://c0li.blogspot.com/...

Exploits0
Exploit DB
Exploit DB
added 2010/04/05 12:0 a.m.35 views

Joomla! Component Magic Updater - Local File Inclusion

================================================================================================ Title : Joomla Magic Updater comjoomlaupdater LFI Vulnerability Date : Monday, 05 April 2010 Indonesia Author : Vrs-hCk Contact : anderatantisecurity.org Blog : http://c0li.blogspot.com/...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/04/05 12:0 a.m.28 views

Joomla Magic Updater com_joomlaupdater LFI Vulnerability

Exploit for php platform in category web applications ======================================================== Joomla Magic Updater comjoomlaupdater LFI Vulnerability ========================================================...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2010/03/30 11:0 p.m.22 views

CVE-2010-1217

Directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected...

6.6AI score0.06429EPSS
Exploits1References5
NVD
NVD
added 2010/03/23 5:30 p.m.16 views

CVE-2010-1055

Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configforuminstalled parameter to 1 forum/adminLogin.php and 2 forum/userLogin.php...

5.1CVSS7.7AI score0.02602EPSS
Exploits1References7
NVD
NVD
added 2010/03/23 5:30 p.m.15 views

CVE-2010-1063

Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 codelib/cfg/common.inc.php, 2...

6.8CVSS7.1AI score0.01356EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2010/03/19 6:11 p.m.9 views

As Many as 3,000 Vodafone Memory Cards Infected by Malware

The malware that was found on a pair of Vodafone memory cards installed in HTC Magic handsets recently has in fact affected an entire batch of 3,000 memory cards, the company said. Vodafone Spain said that the company’s investigation into the incident found that a much larger number of cards was...

0.7AI score
Exploits0References3
Prion
Prion
added 2010/03/18 6:30 p.m.17 views

Sql injection

SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ttname parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS8.9AI score0.0095EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/03/18 6:0 p.m.20 views

CVE-2009-4722

SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.3AI score0.01957EPSS
Exploits1References4
Prion
Prion
added 2010/03/16 7:0 p.m.19 views

Directory traversal

Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to 1 colorvoid/footer.php, 2 default-green/footer.php, 3...

5.1CVSS7.9AI score0.02741EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2010/03/16 6:26 p.m.21 views

CVE-2010-0967

Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to 1 colorvoid/footer.php, 2 default-green/footer.php, 3...

7.3AI score0.02741EPSS
Exploits1References8
CVE
CVE
added 2010/03/09 8:0 p.m.45 views

CVE-2010-0958

CVE-2010-0958 describes a directory traversal vulnerability in Tribisur (versions 2.1, 2.0 and earlier) affecting the file modules/hayoo/index.php when magic_quotes_gpc is disabled. Attackers could use directory traversal sequences in the theme parameter to include and execute arbitrary files. Th...

6.8CVSS7.5AI score0.01872EPSS
Exploits1References4Affected Software1
ThreatPost
ThreatPost
added 2010/03/09 2:56 p.m.18 views

Vodafone-Distributed Handset Found Pre-installed With Mariposa Bot

Security researchers have found the Mariposa bot client pre-installed on a mobile phone handset distributed in Europe, and say that the malware looks to have been installed on the phone’s memory card. The phone, the HTC Magic, runs the Google Android mobile operating system, and is a low-priced...

7.5AI score
Exploits0References6
Rows per page
Query Builder