Lucene search
K

3751 matches found

seebug.org
seebug.org
added 2007/07/01 12:0 a.m.74 views

TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulns

No description provided by source. --==+================================================================================+==--br / --==+ TotalCalendar 2.402 SQL Injection Vulnerability +==--br /...

7.1AI score
Exploits0
NVD
NVD
added 2007/06/26 5:30 p.m.21 views

CVE-2007-3183

Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters to calendar.php and the 3 search string to calsearch.php...

6.8CVSS8.3AI score0.04496EPSS
Exploits1References10
EUVD
EUVD
added 2007/06/19 5:0 p.m.4 views

EUVD-2007-3119

content.php in WSPortal 1.0, when magicquotesgpc is disabled, allows remote attackers to obtain sensitive information via a "';" quote semicolon sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message...

5CVSS6.5AI score0.0303EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
added 2007/06/19 12:0 a.m.37 views

PHProjekt: Multiple vulnerabilities

Background PHProjekt is a project management and coordination tool written in PHP. Description Alexios Fakos from n.runs AG has discovered multiple vulnerabilities in PHProjekt, including the execution of arbitrary SQL commands using unknown vectors CVE-2007-1575, the execution of arbitrary PHP...

7.5CVSS7.3AI score0.02021EPSS
Exploits0
Cvelist
Cvelist
added 2007/06/14 10:0 p.m.15 views

CVE-2007-3214

SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the template parameter...

8.4AI score0.01129EPSS
Exploits1References6
securityvulns
securityvulns
added 2007/05/25 12:0 a.m.36 views

[waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3

waraxe-2007-SA050 - Sql Injection in WordPress 2.1.3 ==================================================================== Author: Janek Vind "waraxe" Date: 21. May 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-50.html Target software description: Vulnerable: WordPress 2.1.3...

8.5AI score
Exploits0
securityvulns
securityvulns
added 2007/05/23 12:0 a.m.27 views

Magic ISO buffer overflow

Buffer overflow on .cue files parsing...

4.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/05/23 12:0 a.m.49 views

Magic iso heap over flow <Help>

Ive found a heap over flow in magic iso when opening a .cue file..I was wondering if any one could point me in the right direction to exploiting this as we control the eax and ecx ive seen many diffrent ways of doing this through!peb and uef..Im looking for help in writing a simple poc for servic...

7.7AI score
Exploits0
0day.today
0day.today
added 2007/04/23 12:0 a.m.56 views

WEBInsta FM 0.1.4 login.php absolute_path Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ======================================================================= WEBInsta FM 0.1.4 login.php absolutepath Remote File Inclusion Exploit ======================================================================= !/usr/bin/perl / \ / \ |...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/23 12:0 a.m.43 views

WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion

!/usr/bin/perl / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title WebInsta FM = 0.1.4 Remote File Inclusion Vulnerability Description This is a basic file manager written by WebInsta.com Vuln Code In...

7.4AI score
Exploits0
myhack58
myhack58
added 2007/04/16 12:0 a.m.30 views

The United States Blizzard[World Of Warcraft] official program vulnerability-vulnerability warning-the black bar safety net

Battle.net clan management system using a MySQL backend, allowing users to easily upgrade and maintain the web site. System to achieve on exist input validation vulnerability, a remote attacker could use this vulnerability to executeSQL injectionattacks, unauthorized access to system administrati...

1.4AI score
Exploits0
0day.today
0day.today
added 2007/03/26 12:0 a.m.27 views

IceBB 1.0-rc5 Remote Create Admin Exploit

Exploit for unknown platform in category web applications ========================================= IceBB 1.0-rc5 Remote Create Admin Exploit ========================================= !/usr/bin/perl IceBB 1.0-rc5 Remote Create Admin Exploit 1. register a user 2. run this exploit with this usage :...

7.1AI score
Exploits0
NVD
NVD
added 2007/03/23 11:19 p.m.21 views

CVE-2007-1638

Multiple cross-site request forgery CSRF vulnerabilities in the checkcsrftoken function in lib/lib.inc.php in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote attackers to perform unauthorized actions as an arbitrary user via the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Notes, 5 Search...

6.8CVSS7.1AI score0.01723EPSS
Exploits0References9
Prion
Prion
added 2007/03/23 11:19 p.m.22 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the checkcsrftoken function in lib/lib.inc.php in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote attackers to perform unauthorized actions as an arbitrary user via the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Notes, 5 Search...

6.8CVSS7.7AI score0.01723EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/03/21 9:19 p.m.16 views

CVE-2007-1576

Multiple cross-site scripting XSS vulnerabilities in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Search only Gecko engine driven Browsers, and 5 Notes...

4.3CVSS5.4AI score0.01839EPSS
Exploits0References14
myhack58
myhack58
added 2007/03/20 12:0 a.m.25 views

phpbb2. 0. 1 2 full path disclosure vulnerability-a vulnerability warning-the black bar safety net

phpbb is a powerful, scalable open source electronic Bulletin system. The latest version and low version are there is a path disclosure issue. Test method: The forum path is/viewtopic. php? p=6&highlight=\xiaohua Will appear the following text: Warning: Compilation failed: missing terminating for...

2.6AI score
Exploits0
Packet Storm
Packet Storm
added 2007/03/14 12:0 a.m.28 views

phpnuke80-cookie.txt

///////////////////////////////////////////////////////////////////////////////////////////////////// PHPNuke Preferences - Multilingual Options- On Activate Multilingual features? = YES ///////////////////////////////////////////////////////////////////////////////////////////////////// Bug is...

7.4AI score
Exploits0
Prion
Prion
added 2007/03/10 10:19 p.m.15 views

Remote file inclusion

PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter...

10CVSS8AI score0.04774EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/03/10 10:0 p.m.19 views

CVE-2007-1393

PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter...

7.5AI score0.04774EPSS
Exploits1References6
CVE
CVE
added 2007/03/10 10:0 p.m.55 views

CVE-2007-1393

CVE-2007-1393 describes a PHP remote file inclusion vulnerability in mysave.php of Magic CMS 4.2.747, allowing remote attackers to execute arbitrary PHP code by supplying a URL in the file parameter. The NVD metrics indicate a high-severity, network-accessible flaw with complete impact on confide...

10CVSS7.5AI score0.04774EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder