CVE-2009-2553

Multiple SQL injection vulnerabilities in comments.php in Super Simple Blog Script 2.5.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the entry parameter...

Traidnt UP 2.0 Blind SQL Injection

?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Traidnt UP 2.0 Blind SQL Inj. /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q FILES 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Magic Quotes == OFF! |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ...

Traidnt UP 2.0 - Blind SQL Injection

Traidnt UP 2.0 - Blind SQL Injection ?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Traidnt UP 2.0 Blind SQL Inj. /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q FILES 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Magic Quotes == OFF! |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait,...

Traidnt UP 2.0 Remote Blind SQL Injection Exploit

No description provided by source. ?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Traidnt UP 2.0 Blind SQL Inj. /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q FILES 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Magic Quotes == OFF! |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait,...

Mobilelib Gold 3.0 - Local File Disclosure

|| || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ\ /QQQQ/ \QQQQ\ /QQ\QQQQ/ \QQQQ\ \QQQQQQQ/ \QQQQQ...

Citrix XenCenterWeb Multiple Vulnerabilities

Secure Network - Security Research Advisory Vuln name: Citrix XenCenterWeb Multiple Vulnerabilities Systems affected: Citrix XenCenterWeb Systems not affected: n/a Severity: High Local/Remote: Remote Vendor URL: http://www.citrix.com Authors: Alberto Trivero [email protected] - Claudio...

CVE-2009-2220

Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include and possibly execute arbitrary files via directory traversal sequences in the templatepath parameter to 1 masthead.inc.php, 2...

Old Y article management system of the injection 0day-vulnerability warning-the black bar safety net

Magic springsB. S. N. hacking Defense Vulnerability rating: moderate Vulnerability description: The vulnerability appears in the js. asp, we first look at the source code. Code: If CheckStrRequest"ClassNo" "" then ClassNo = splitCheckStrRequest"ClassNo","|" 'Here is to get the variable using...

CVE-2009-2177

code/display.php in fuzzylime cms 3.03a and earlier, when magicquotesgpc is disabled, allows remote attackers to conduct directory traversal attacks and overwrite arbitrary files via a "....//" dot dot in the s parameter, which is collapsed into a "../" value...

CVE-2009-2176

Multiple directory traversal vulnerabilities in fuzzylime cms 3.03a and earlier, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the 1 list parameter to code/confirm.php and the 2 template parameter to...

(GET var 'name') BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2-->

!/usr/bin/python ---------------------------------------------------------------- GET var 'name' BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2-- ---------------------------------------------------------------- CMS INFORMATION: --WEB: http://sourceforge.net/projects/fretsweb/ --DOWNLOAD:...

CVE-2009-2132

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

Directory traversal

Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the u parameter to 1 full.php, 2 index.php, and 3 contact.php...

CVE-2009-2110

Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the u parameter to 1 full.php, 2 index.php, and 3 contact.php...

XOOPS <= 2.3.3 Remote File Disclosure Vulnerability (.htaccess)

No description provided by source. ======================================================================== XOOPS = 2.3.3 Remote Arbitrary File Retrieval ======================================================================== Affected Software : XOOPS = 2.3.3 Author : Luca "daath" De Fulgentis -...

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=-...

4images 1.7.7 Bypass / Cross Site Scripting

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=- --------------------------------------------------------------------------------- ; Magic quotes...

PHPWebThings 1.5.2 - 'help.php?module' Local File Inclusion

---------------------------------------------------------------------------------------------------- Name : phpwebthings LFI; ---------------------------------------------------------------------------------------------------- P0c:...

School Data Navigator (page) Local/Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ====================================================================== School Data Navigator page Local/Remote File Inclusion Vulnerability ======================================================================...

Shop Script Pro 2.12 SQL Injection

!/usr/bin/perl =about VENDOR Shop Script Pro 2.12 maybe other versions vulnerable too http://www.shop-script.com/ AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULN. DESCRIPTION Look in index.php at line 101. Variable $currentcurrency is set from...