PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability

Document Title: =============== PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1289 Release Date: ============= 2014-08-04 Vulnerability Laboratory ID VL-ID: ==================================...

PhotoSync Wifi & Bluetooth 1.0 - Local File Inclusion

Document Title: =============== PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1289 Release Date: ============= 2014-08-04 Vulnerability Laboratory ID VL-ID: ==================================...

PhotoSync Wifi / Bluetooth 1.0 Local File Inclusion

Document Title: =============== PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1289 Release Date: ============= 2014-08-04 Vulnerability Laboratory ID VL-ID: ==================================...

Wordpress xmlrpc. php brute force vulnerability-a vulnerability warning-the black bar safety net

wordpress is very popular open source blog, which provides remote POST method is used with pathxmlrpc.phpthis file recently broke xmlrpc vulnerability, the vulnerability principle is through the xmlrpc authentication, even when authentication fails, it will not be Wordpress to install the securit...

Barracuda Networks Message Archiver 650 - Persistent XSS Vulnerability

Exploit for cgi platform in category web applications Technical Details & Description: ================================ A persistent input validation web vulnerability has been discovered in the official Barracuda Networks Message Archiver 650 v3.2 appliance web-application. The remote...

Galmeta Post CMS 0.2 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. ================================================================== Galmeta Post CMS Multiple Local File Inclusion Vulnerabilities ================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' |...

PHP-Nuke <= 8.0 Final (sid) Remote SQL Injection Exploit

No description provided by source. ?php UNPUBLISHED RST/GHC EXPLOIT PHP Nuke sid sql injection exploit for Search module POST method - the best for version 8.0 FINAL coded by Foster & 1dt.w0lf tested on 6.0 , 6.6 , 7.9 , 8.0 FINAL versions if isset$POST'Submit'...

sBlog 0.7.2 search.php keyword Variable POST Method XSS

No description provided by source. source: http://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...

Beetel 450TC2 Router Admin Password CSRF Vulnerability

No description provided by source. ??!-- Exploit Title: Beetel 450TC2 Router Admin Password Cross Site Request Forgery Vulnerability Date: 30/04/2014 Exploit Author: shyamkumar somana Vendor Homepage: www.beetel.in Version: 450TC2 - Firmware version : TX6-0Q-005retail Tested on: Windows 8 Beetel...

Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities

No description provided by source. Document Title: =============== Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1259 Release Date: ============= 2014-04-23 Vulnerability Laboratory ID VL-ID:...

AspxCommerce 2.0 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: AspxCommerce v2.0 - Arbitrary File Upload Vulnerability Exploit Author: SANTHO Vendor Homepage: http://www.aspxcommerce.com/ Version: Version 2.0 and below Introduction: AspxCommerce is a complete e-Commerce solution for setting up a fully...

Zoho BugTracker Multiple Stored XSS Vulnerabilities

No description provided by source. !-- Zoho BugTracker Multiple Stored XSS Vulnerabilities Vendor: Zoho Corporation Pvt. Ltd Product web page: http://www.zoho.com Affected version: N/A Summary: Zoho Bug Tracker is an online bug tracking software that combines a clean and an intuitive interface to...

MTP Image Gallery 1.0 (edit_photos.php, title param) - XSS Vulnerability

No description provided by source. ?!-- MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Image Gallery offers more control, better uploading and enhanced performance. With MTP Image...

ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent XSS

No description provided by source. Document Title: =============== ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1122 Release Date: ============= 2013-10-27 Vulnerability Laboratory I...

FOG Forum 0.8.1 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. ======================================================= FOG Forum 0.8.1 Local File Inclusion Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Te...

Timesheet Next Gen 1.5.2 - Multiple SQLi

No description provided by source. Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection vulnerabilities. Both the...

Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit

No description provided by source. form action=target/myprofile.asp method=POST name=form2 p /p table align=center cellpadding=1 cellspacing=1 tr valign=baseline td align=right nowrap class=title Change Profile=Username input type=text name=MMrecordId value=ajann /td td input type=text...

WEBgais 1.0 websendmail Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2077/info WEBgais is a package that provides a web interface to the gais Global Area Intelligent Search search engine tool. This package contains a vulnerable script, websendmail, which can be used to execute arbitrary...

LinPHA 0.9.x/1.0 forth_stage_install.php language Variable POST Method Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16592/info LinPHA is prone to multiple local file-inclusion and PHP code-injection vulnerabilities. The local file-inclusion issues are due to insecure use of the 'includeonce' PHP function in multiple scripts. The PHP...

BSI Advance Hotel Booking System 2.0 Cross Site Scripting

Exploit Title:BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Date: Wed Jun 4 2014 Exploit Author: Angelo Ruwantha Vendor Homepage: http://www.bestsoftinc.com Software Link:...