CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

0day.today•added 2010/01/23 12:0 a.m.•15 views

magic-portal v2.1 SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================= magic-portal v2.1 SQL Injection Vulnerability ============================================= :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title...

exploitpack•added 2010/01/23 12:0 a.m.•9 views

magic-portal 2.1 - SQL Injection

magic-portal 2.1 - SQL Injection :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title :magic-portal SQL injection Vulnerability Author: alnjm33 Software Link: Version: 2.1 Tested on: Version 2.1 My home : Sec-war.com...

8.6AI score

Exploit DB•added 2010/01/16 12:0 a.m.•33 views

PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusions

'/ -.- --------------------oOO------OOo------------------- | PHP-RESIDENCE ! Download: http://www.digitaldruid.net/download/php-residence0.7.2.zip ! Date: 30.12.2009 ! Remote: yes ! Code : include"./includes/templates/$templatedatadir/phrases.php"; ! PoC:...

exploitpack•added 2010/01/16 12:0 a.m.•13 views

PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusions

PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusions '/ -.- --------------------oOO------OOo------------------- | PHP-RESIDENCE ! Download: http://www.digitaldruid.net/download/php-residence0.7.2.zip ! Date: 30.12.2009 ! Remote: yes ! Code :...

Exploit DB•added 2010/01/16 12:0 a.m.•28 views

MoME CMS 0.8.5 - Remote Authentication Bypass

'/ -.- --------------------oOO------OOo------------------- | MoME CMS ! Download: http://sourceforge.net/projects/mome/files/ ! Date: 16.01.2010 ! Remote: yes ! Code : //controllo user e passwd da login ifisset$POST'postedusername' && isset$POST'postedpassword' $query="SELECT FROM users WHERE...

7AI score

Packet Storm•added 2010/01/15 12:0 a.m.•20 views

DasForum Local File Inclusion

'/ -.- --------------------oOO------OOo------------------- | DasForum layout Local File Inclusion Exploit | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r ! Download: http://mirror.vocabbuilder.net/savannah/dasforum/ ! Date:...

Positive Technologies•added 2010/01/06 12:0 a.m.•3 views

PT-2010-1400 · Roseonline · Roseonlinecms

Name of the Vulnerable Software and Affected Versions: RoseOnlineCMS versions 3 B1 and earlier Description: The issue allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter in the modules/admincp.php file when magic quotes gpc...

9.8CVSS9.4AI score0.05236EPSS

Exploits1References7

exploitpack•added 2010/01/01 12:0 a.m.•12 views

Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting

Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/37566/info Magic News Plus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

0.1AI score

Packet Storm•added 2009/12/30 12:0 a.m.•15 views

Joomla MemoryBook 1.2 SQL Injection / RFI

SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found on View Events page Remote File...

0.6AI score

exploitpack•added 2009/12/30 12:0 a.m.•9 views

RoseOnlineCMS 3 B1 - admin Local File Inclusion

RoseOnlineCMS 3 B1 - admin Local File Inclusion '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS ! Download: http://sourceforge.net/projects/rosecms/files/ ! Date: 30.12.2009 ! Remote: yes ! Code : Click here to go back home'; obendflush; ? ! PoC:...

seebug.org•added 2009/12/30 12:0 a.m.•15 views

RoseOnlineCMS <= 3 B1 (admin) Local File Inclusion

No description provided by source. '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS = 3 B1 admin Local File Inclusion | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r cr4wl3r!linuxmail.org ! Download:...

exploitpack•added 2009/12/27 12:0 a.m.•24 views

Joomla! Component memorybook 1.2 - Multiple Vulnerabilities

Joomla! Component memorybook 1.2 - Multiple Vulnerabilities SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID...

0.6AI score

UbuntuCve•added 2009/12/24 4:30 p.m.•15 views

CVE-2009-4414

SQL injection vulnerability in phpgwapi /inc/class.authsql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php...

6.8CVSS6.1AI score0.01277EPSS

Exploits1References1

Exploit DB•added 2009/12/20 12:0 a.m.•33 views

Ignition 1.2 - Multiple Local File Inclusions

Ignition 1.2 Multiple Local File Inclusion Vulnerabilities disclosed by cOndemned download: http://launchpadlibrarian.net/27567060/ignition1.2.zip note: magicquotesgpc should be turned off in order to exploit this vulnerability greetz: all friends, SecurityReason team : comment.php 1. view.php 1...

0day.today•added 2009/12/20 12:0 a.m.•20 views

Ignition 1.2 Multiple Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities...

seebug.org•added 2009/12/20 12:0 a.m.•14 views

Ignition 1.2 Multiple Local File Inclusion Vulnerabilities

No description provided by source. Ignition 1.2 Multiple Local File Inclusion Vulnerabilities disclosed by cOndemned download: http://launchpadlibrarian.net/27567060/ignition1.2.zip note: magicquotesgpc should be turned off in order to exploit this vulnerability greetz: all friends, SecurityReaso...

securityvulns•added 2009/12/15 12:0 a.m.•50 views

phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities

phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Name phpCollegeExchange Vendor http://phpcollegeex.sourceforge.net Versions Affected 0.1.5c Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X...

8.5AI score

securityvulns•added 2009/12/15 12:0 a.m.•53 views

B2C Booking Centre Systems - SQL Injection Vulnerability

B2C Booking Centre Systems - SQL Injection Vulnerability Name B2D Booking Centre Systems Vendor http://www.bookingcentre.eu Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE APPLICATION II...

0.5AI score

seebug.org•added 2009/12/14 12:0 a.m.•26 views

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities

No description provided by source. Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE APPLICATION II...